Page Contents
Apply Customization Through Templates
Direct Admin has global templates for OpenLiteSpeed, which can be found in /usr/local/directadmin/data/templates.
# pwd
/usr/local/directadmin/data/templates
# ls -la openlitespeed_*
-rw-r--r-- 1 diradmin diradmin 99 Oct 22 18:25 openlitespeed_context_protected.conf
-rw-r--r-- 1 diradmin diradmin 978 Oct 22 18:25 openlitespeed_ips.conf
-rw-r--r-- 1 diradmin diradmin 398 Oct 22 18:25 openlitespeed_listener.conf
-rw-r--r-- 1 diradmin diradmin 1307 Oct 22 18:25 openlitespeed_redirect_vhost.conf
-rw-r--r-- 1 diradmin diradmin 3131 Oct 22 18:25 openlitespeed_vhost.confTo customize OpenLiteSpeed settings, you can copy these default templates over to /usr/local/directadmin/data/templates/custom and place any customized templates in /usr/local/directadmin/data/templates/custom/openlitespeed*. Then, when you rewrite the configuration, customized templates will be used instead of default templates, where applicable.
cd /usr/local/directadmin/custombuild
./build rewrite_confsIf you need a configuration to apply to all virtual hosts, however, we suggest using the pre/post hooks that DirectAdmin supplies for customization. Such hooks include:
CUSTOM1: Appears at the very top of the template, before setting the variables.
CUSTOM2: Appears in the scripthandler{} section.
CUSTOM3: Appears in ALL context{} sections, used for password protected directories.
CUSTOM4: Appears in the phpIniOverride{} section.
CUSTOM5: Appears in the rewrite{} section.
CUSTOM6: Appears in the vhssl{} section.
CUSTOM7: The very last entry.
Example: Rewrite Rules
Say you want to block xmlrpc and wp-trackback files for all virtual hosts. You can use a rewrite rule like the following:
RewriteRule ^/(xmlrpc|wp-trackback)\.php - [F,L,NC]To include this rewrite rule into all virtual host configurations, you can use the CUSTOM5 pre-hook, which appears in the rewrite{} section of the /usr/local/directadmin/data/templates/custom/ directory. Create a /usr/local/directadmin/data/templates/custom/cust_openlitespeed.CUSTOM.5.pre file with above rule in it, then rewrite the configuration:
cd /usr/local/directadmin/custombuild
./build rewrite_confsAfter that, the cutomized rule will be inserted to each virtual host rewrite section. For example, /usr/local/directadmin/data/users/$USER/openlitespeed.conf might now contain the following:
rewrite {
enable 1
autoLoadHtaccess 1
RewriteRule ^/(xmlrpc|wp-trackback)\.php - [F,L,NC]
}Example: Headers
Let’s say you want to enable HSTS. To do so, you will need add headers to all virtual host “/” contexts, using code like the following:
context / {
location $DOC_ROOT/
allowBrowse 1
extraHeaders <<<END_extraHeaders
Strict-Transport-Security: max-age=15552000
X-Content-Type-Options nosniff
END_extraHeaders
rewrite {
}
addDefaultCharset off
phpIniOverride {
}
}Put the following code in /usr/local/directadmin/data/templates/custom/cust_openlitespeed.CUSTOM.7.pre, and rewrite the configuration as shown in the first example. CUSTOM7 appears at the very end. So now the block of code should be inserted into the very last entries of all virtual host configurations.
DirectAdmin’s OpenLiteSpeed Templates
For reference, here is a list of the default DirectAdmin OpenLiteSpeed templates.
openlitespeed_context_protected.conf
authName |AUTH_NAME|
allowBrowse 1
realm |PROTECTED_PATH|/
accessControl {
allow *
}openlitespeed_ips.conf
|CUSTOM1|
|?DOCROOT=HOME/domains/sharedip| |*if STATUS="server"| |?DOCROOT=/var/www/html| |*endif| |?SSLPROTOCOL=30| |CUSTOM2| virtualHost |IP| { |CUSTOM3| listeners |LISTENER_80|, |LISTENER_443| user |USER| group |USER| vhRoot |HOME| allowSymbolLink 1 enableScript 1 restrained 1 setUIDMode 2 docRoot |DOCROOT| vhDomain |IP| adminEmails root@localhost enableGzip 1 enableIpGeo 1 rewrite { enable 1 autoLoadHtaccess 1 RewriteFile .htaccess |CUSTOM4| } |CUSTOM5| vhssl { keyFile |KEY| certFile |CERT| certChain 1 sslProtocol |SSLPROTOCOL| } # include aliases include /usr/local/lsws/conf/httpd-alias.conf |CUSTOM6| }openlitespeed_listener.conf
|CUSTOM1|
|?SSLPROTOCOL=30|
|CUSTOM2|
listener |LISTENER_80| {
|CUSTOM3|
address |IP|:80
secure 0
|CUSTOM4|
}
listener |LISTENER_443| {
|CUSTOM5|
address |IP|:443
secure 1
keyFile |KEY|
certFile |CERT|
certChain 1
sslProtocol |SSLPROTOCOL|
|CUSTOM6|
}openlitespeed_redirect_vhost.conf
|CUSTOM1|
|?WWW_PREFIX=www.|
|*if WWW_REDIRECT="no"|
|?WWW_PREFIX=|
|*endif|
|?VH_PORT=PORT_80| |?VHROOT=HOME| |?DOCROOT=HOME/domains/DOMAIN/public_html| |?SSLPROTOCOL=30| |CUSTOM2| virtualHost |POINTER|-|VH_PORT| { |CUSTOM3| user |USER| group |GROUP| vhRoot |VHROOT| setUIDMode 2 listeners |LISTENERS| docRoot |DOCROOT| vhDomain |POINTER| vhAliases www.|POINTER| rewrite { enable 1 RewriteRule (.*)$ http://|WWW_PREFIX||DOMAIN|/$1 [R=301,L] } |CUSTOM4| } |*if HAVE_SSL="1"| |?VH_PORT=PORT_443| virtualHost |POINTER|-|VH_PORT| { |CUSTOM5| user |USER| group |GROUP| vhRoot |VHROOT| setUIDMode 2 listeners |SSL_LISTENERS| docRoot |DOCROOT| vhDomain |POINTER| vhAliases www.|POINTER| rewrite { enable 1 RewriteRule (.*)$ https://|WWW_PREFIX||DOMAIN|/$1 [R=301,L] } vhssl { keyFile |KEY| certFile |CERT| certChain 1 sslProtocol |SSLPROTOCOL| } |CUSTOM6| } |*endif|openlitespeed_vhost.conf
CUSTOM1|
|?PUBLIC_HTML=public_html|
|?VH_PORT=PORT_80| |*if SSL_TEMPLATE="1"| |?PUBLIC_HTML=private_html| |?VH_PORT=PORT_443| |*endif| |?DOCROOT=HOME/domains/DOMAIN/PUBLIC_HTML| |?PUB_DOCROOT=HOME/domains/DOMAIN/public_html| |?SDOMAIN=DOMAIN| |?LOG_NAME=DOMAIN| |*if SUB| |?DOCROOT=DOCROOT/SUB| |?SDOMAIN=SUB.DOMAIN| |?LOG_NAME=DOMAIN.SUB| |*endif| |?REALDOCROOT=DOCROOT| |?VHROOT=HOME| |?SCRIPTHANDLER=lsphpPHP1_RELEASE| |?SSLPROTOCOL=30| |?OBDP1=| |*if PHP1_RELEASE!="0"| |?OBDP1=:/usr/local/phpPHP1_RELEASE/lib/php/| |*endif| |?OBDP2=| |?OPEN_BASEDIR_PATH=HOME/:/tmp:/var/tmp:/opt/alt/phpPHP1_RELEASE/usr/share/pear/:/dev/urandom:/usr/local/lib/php/OBDP1OBDP2| |?PHP_MAIL_LOG=| |?CLI_PHP_MAIL_LOG=| |*if PHP_MAIL_LOG_ENABLED="1"| |?PHP_MAIL_LOG=-d mail.log="HOME/.php/php-mail.log"| |?CLI_PHP_MAIL_LOG=php_admin_value mail.log HOME/.php/php-mail.log| |*endif| |?PHP_EMAIL=USER@DOMAIN| virtualHost |SDOMAIN|-|VH_PORT| { |CUSTOM| user |USER| group |GROUP| vhRoot |VHROOT| allowSymbolLink 1 enableScript 1 restrained 1 setUIDMode 2 # listeners listener1, listener2, listener3 listeners |LISTENERS| #VirtualHost config settings docRoot |DOCROOT| vhDomain |SDOMAIN| vhAliases www.|SDOMAIN||SERVER_ALIASES| adminEmails |ADMIN| enableGzip 1 enableIpGeo 1 errorlog |APACHELOGDIR|/|LOG_NAME|.error.log { useServer 0 logLevel NOTICE rollingSize 0 } accesslog |APACHELOGDIR|/|LOG_NAME|.log { useServer 0 logFormat %a %l %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i" logHeaders 5 rollingSize 0 } accesslog |APACHELOGDIR|/|LOG_NAME|.bytes { useServer 0 logFormat %O %I rollingSize 0 } scripthandler { |CUSTOM2| add lsapi:|SCRIPTHANDLER| inc add lsapi:|SCRIPTHANDLER| php add lsapi:|SCRIPTHANDLER| phtml add lsapi:|SCRIPTHANDLER| php|PHP1_RELEASE| } phpIniOverride { |CUSTOM4| php_admin_flag engine |PHP| php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f |PHP_EMAIL|" |*if OPEN_BASEDIR_ENABLED="ON"| php_admin_value open_basedir "|OPEN_BASEDIR_PATH|" |*endif| |CLI_PHP_MAIL_LOG| |*if HAVE_SAFE_MODE="1"| php_admin_flag safe_mode |SAFE_MODE| |*endif| } rewrite { enable 1 autoLoadHtaccess 1 |FORCE_SSL_REDIRECT| |OPENLITESPEED_REDIRECTS| |CUSTOM5| } |CONTEXTS| |REALMS| |*if SSL_TEMPLATE="1"| vhssl { |CUSTOM6| keyFile |KEY| certFile |CERT| certChain 1 sslProtocol |SSLPROTOCOL| } |*endif| # include aliases include /usr/local/lsws/conf/httpd-alias.conf |CUSTOM7|For more customization, like wildcard domain, custom security headers ..etc, please refer to the DirectAdmin official guide.