ServerBuddies Support Blog

Changing the proxy ports and addresses in Webmin

By default, Squid listens for proxy requests on TCP port 3128 on all of your system’s IP addresses. Because this is not the usual port that proxies are run on (8000 and 8080 seem to be the most common), you may want to change it. You might also want to edit the listening address so that only clients on your internal network can connect, if your system has more than one network interface.

To specify the ports that Squid uses, follow these steps :

1. On the module’s main page, click on the Ports and Networking icon.

2. In the Proxy addresses and ports table, select the Listed below option. In the table below, each row defines a listening port and optionally an address to bind to. Any existing ports and addresses will be listed, followed by a single blank row for adding a new one. In the first empty field in the Port column, enter a port number like 8000 or 8080. In the Hostname/IP address column, either select All to accept connections on any of your system’s interfaces, or the second option to enter an IP address in the adjacent text box. Using this table, Squid can be configured to listen on as many ports as you like. However, because only one blank row appears at a time you will need to save and re-open the form to add more than one new port.

3. ICP is a protocol used by Squid to communicate with other proxies in a cluster. To listen on a port other than the default of 3130 for ICP, fill in the ICP port field. This is not generally necessary though, as only other proxies ever use this protocol.

4. Squid will normally accept ICP connections on any IP address. To change this, select the second radio button in the Incoming UDP address field and enter one of your system’s interface IPs into its text field. This can be useful if all of the other proxies that your server might want to communicate with are on a single internal LAN.

5. Click the Save button at the bottom of the page to update the configuration file with your new settings, then click the Apply Changes link back on the main page to activate them.

Article taken from http://doxfer.com/

If you just want Webmin to be accessible via an URL subdirectory (like /webmin) on an Apache server without going to the trouble of configuring Apache to run the CGI scripts directly, there is a simpler method that can be used.

This is also useful if your system is only accessible on port 80, and you want access to both Webmin and a normal website. The steps to follow are :

Make sure mod_proxy is installed on your Apache webserver.

Add the following directives to the Apache configuration file:

ProxyPass /webmin/ http://localhost:10000/

ProxyPassReverse /webmin/ http://localhost:10000/

<Proxy *>

allow from all

</Proxy>

Add the lines webprefix=/webmin and webprefixnoredir=1 to /etc/webmin/config.

In /etc/webmin/config, add the line referer=apachehost, where apachehost is the hostname from the URL used to access Webmin via Apache.

If the referer line already has some hosts listed, add apachehost to it.

Re-start Apache to apply the configuration.

All requests to /webmin on the Apache server will then be passed through to the Webmin server on localhost port 10000.

All features should work fine, including themes, with the exception of IP access control (because as far as Webmin is concerned, all connections will be coming from localhost).

This method can also be used to make Webmin accessible via an Apache virtual host, like
http://webmin.yourdomain.com/.

The steps to follow are :

Make sure mod_proxy is installed on your Apache webserver.

Add a virtual host to your Apache configuration file like:

<VirtualHost _default_>
ServerName webmin.yourdomain.com
ProxyPass / http://localhost:10000/
ProxyPassReverse / http://localhost:10000/
<Proxy *>
allow from all
</Proxy>
</VirtualHost>

In /etc/webmin/config, add the line referer=apachehost, where apachehost is the hostname from the URL used to access Webmin via Apache.

If the referer line already has some hosts listed, add apachehost to it.

Re-start Apache to apply the configuration.

No changes need to be made to /etc/webmin/config, because no prefix is appended to the URL path.

The Squid Proxy Server module

If you want to set up or configure Squid from within Webmin, you will need to use the Squid Proxy Server module, found under the Servers category.

If you have not configured or started Squid on your system before, the cache directory has probably not been set up yet. The module will detect this and display a message like *Your Squid cache directory /var/spool/squid has not been initialized* above the table of icons. To initialize the cache, follow these steps :

If you are unhappy with the displayed cache directory, now is the time to change it.
Follow the instructions in the Adding cache directories section to define your own directories before continuing.

In the as Unix user field enter the name of the user who will own the cache files and who the daemon process will run as.

Typically this will be a special squid user created for the purpose (and the field will default to squid if such a user exists), but in fact any user will do.

I recommend using the Users and Groups module to create a user called squid whose home directory is the cache directory if needed though.

Click the Initialize Cache button.

The Squid configuration will be updated to use your chosen username, and the command squid -z will be run to set up the cache directories.

All output that it produces will be displayed so that you can see how the initialization is progressing.

When the process is complete, return to the module’s main page and the error message should have disappeared.

If Squid is not installed at all on your system (or installed in a different location to the one Webmin expects), an error message like The Squid config file /etc/squid.conf does not exist will appear on the main page instead of the table of icons.

If you really do have it installed, read the *Configuring the Squid Proxy Server module* section for instructions on how to change the paths the module uses.

On the other hand, if it really is not installed you should use the Software Packages module (covered on SoftwarePackages) to install the squid package from your Linux distribution CD or website.

If no such package exists for your operating system, you will need to download, compile and install the latest version of Squid from www.squid-cache.org. As long as you have a compiler installed on your system, this is a relatively simple process with no dependencies.

Once the server is installed, if you want to make use of it in the long term you should arrange to have it started at boot time, using the Bootup and Shutdown module (which chapter 9 explains how to use). All Linux packages include a bootup action script for Squid, although it may be disabled by default thus requiring you to enable it in that module.

Otherwise you will need to create an action that runs a command like =/usr/local/squid/bin/squid -sY=, assuming that you have Squid installed in /usr/local/squid.

cPanel Proxy

This script is made for people who use cPanel. Its purpose is to give access to cPanel (including webmail and WHM) at port 80 by acting like a proxy. (For people behind strict firewalls.) It can be installed by server owner, reseller or end-users.

Installation instructions:

- Create subdomain “cpanel.yourdomain.com” (You’ll probably need access to cPanel for this, so install it before you need it!)
- Download and unzip cPanelProxy.zip (if you haven’t already) from http://cpanelproxy.net/
- Upload the files to the subdomains directory, probably “public_html/cpanel” in FTP. Be sure to remember .htaccess!
Needed files: cpanelproxy.php .htaccess php.ini

Install for webmail and whm:

- Repeat with “webmail” in stead of “cpanel” in subdomain and directory.
- Repeat with “whm” in stead of “cpanel” in subdomain and directory.

Auto Installer:

- A new feature on the website makes it easier to install cPanel Proxy, and you can even do it thru your firewall. All you need to do is to enter your cPanel login information, at the auto installer will take care of the rest. http://cpanelproxy.net/autoinstaller