Proxmox 2.x Web Gui Ports

[anthonysomerset]

Hi - I Tried searching for this but either i failed or i couldnt find the info here or on the Wiki

Problem: Current web gui port is 8006 over HTTPS - We'd Like to change this to standard port 443

Question(s): Can i just move the ports in apache config? Do I need to keep the service also running on 8006 as well for any reason (but blocked from external access)

Other than that are there any other things i need to change or be aware of

EDIT: Worked out how to do this myself

change the contents of /etc/apache2/sites-enabled/pve-redirect.conf to the following (changes redirect destination from HTTP and disables the port 443 redirect):

<VirtualHost *:80>    #RewriteLog "/root/rewrite.log"
    #RewriteLogLevel 10
    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]
    RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [L,R]
</VirtualHost>


#<VirtualHost *:443>
#    SSLEngine on
#    SSLProtocol all -SSLv2
#    SSLCertificateFile /etc/pve/local/pve-ssl.pem
#    SSLCertificateKeyFile /etc/pve/local/pve-ssl.key


#    RewriteEngine on
#    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
#    RewriteRule .* - [F]
#    RewriteRule ^/(.*) https://%{HTTP_HOST}:8006/$1 [L,R]
#</VirtualHost>

and then edited the following line in /etc/apache2/sites-enabled/pve.conf

<VirtualHost *:8006>

to

<VirtualHost *:8006 *:443>

then reload apache: /etc/init.d/apache2 reload

NOTE - this leaves the server enabled on port 8006 - I do not know if its safe to stop it listening on this port or not - I am choosing to lock this down at the hardware firewall level just in case

 

[dietmar]

Do I need to keep the service also running on 8006 as well for any reason (but blocked from external access)

Yes, port 8006 is used internally.

 

[anthonysomerset]

Thanks Dietmar - i ended up trying the edits in my first post and they worked - good job i left 8006 working internally - its not seeming to affect anything on the web frontend for users - console works etc