CyberHosting

[Tutorial] How to setup and login to OpenLiteSpeed webadmin console

in Cyberpanel, some advanced configuration needs to be done in OLS webadmin console.

how to:

first , run this line in SSH to setup login info for webadmin console

/usr/local/lsws/admin/misc/admpass.sh

and then, login into CyberPanel , and add TCP 7080 port to firewalld in order to access it.

and please don't forget to reload the firewalld once new rule is added.

after that , you can know access it by https://Server-IP:7080

and with the login info you set in SSH.

the console itself currently comes with Chinese, English and Japanese.

of course , anyone who wishes to translate to his/her language is more than welcome :)

original posted here by myself , and translated by myself

«1

Comments

  • OLS web adm panel looks pretty concise, and this advantage can be integrated into CyberPanel. Why the panel leaves this untouched and hasn't had it connected? I previously thought the web server section/module inside the panel is 'outsourced' to OLS web admin panel.

    OLS supports different distros while Cyber cannot. What a pity.

  • @baoang said:
    OLS web adm panel looks pretty concise, and this advantage can be integrated into CyberPanel. Why the panel leaves this untouched and hasn't had it connected? I previously thought the web server section/module inside the panel is 'outsourced' to OLS web admin panel.

    OLS supports different distros while Cyber cannot. What a pity.

    there is docker image now , you can try on other distros.

  • This guide works, but SSL/Certificate is invalid on port 7080, How to fix this?
    I'm using a hostname for cyberpanel with valid cert.
  • cert file is under /usr/local/lsws/admin/conf/ , webadmin.crt and webadmin.key

    either replace these 2 with your current cert , or change its path in webadmin console.
  • qtwrk said:

    cert file is under /usr/local/lsws/admin/conf/ , webadmin.crt and webadmin.key

    either replace these 2 with your current cert , or change its path in webadmin console.

    I'm using the built-in Free LetsEncrypt Cert.

    Replacing or moving it will fail auto renew I think.
  • RoldanLT said:

    qtwrk said:

    cert file is under /usr/local/lsws/admin/conf/ , webadmin.crt and webadmin.key

    either replace these 2 with your current cert , or change its path in webadmin console.

    I'm using the built-in Free LetsEncrypt Cert.

    Replacing or moving it will fail auto renew I think.
    I mean change this to /usr/local/lsws/conf/vhosts/SSL-domain/fullchain.pem and private key


  • Solved, thanks!
    Please include this on future update.
  • Hello

    I can´t make the SSL work in :7080 ;(

    in the webadmin settings i have:
    PRIVATE KEY : /etc/letsencrypt/live/MYDOMAIN.com/privkey.pem
    CERTIFICATE FILE: /etc/letsencrypt/live/MYDOMAIN.com/fullchain.pem

    both are the correct SSL for the domain.
    But when i go to https://MYDOMAIN.com:7080 i get "invalid SSL"

    always appears the certificate of webadmin..

    Thanks for any help.

    Fabian

  • ;( i found it ..

    was in another section.. i put the paths:
    PRIVATE KEY : /etc/letsencrypt/live/MYDOMAIN.com/privkey.pem
    CERTIFICATE FILE: /etc/letsencrypt/live/MYDOMAIN.com/fullchain.pem

    and now.. i can´t logn anymore in the webadmin ;(

    F.


  • well apparenty i broke something ;(

    cyberpanel is ON and i can login to :8090
    BUt litespeed is DOwn

    I can´t restart it in any way

    "Could not fetch details, either LiteSpeed is not running or some error occurred, please see CyberPanel Main log file."

    when i press in "LIcence Status" i got:

    Operation Failed!
    Command '['sudo', 'cat', '/usr/local/lsws/conf/serial.no']' returned non-zero exit status 1


    All was working perfect! ;( not nothing works..

    I would appreciate any help

    Thanks
    Fabian
  • was my mistake !!!! after 2 hours... I FIXED !!!!!!
    was a very stupid mistake..

    i write here as example: "/etc/letsencrypt/live/MYDOMAIN.com/privkey.pem"
    and i put exactly that in the webadmin.. and "MYDOMAIN.com" was the problem

    i fixed it from ssh, restarted LS and all is working like a charme now.. including the webadmin at :7080 with SSL

    Regards and sorry for the previous posts ;)

    Thanks
    Fabian
  • edited June 27
    https://my.domain-or-ip:7080

    But in the browser it remains "Connecting..." Any idea?

    It never connects me. Something like how much the web server is stopped that does not release error but stays connected. But in this case the web server is working normally.

    [SOLVED]
    Solution: Open port 7080 in CyberPanel Firewall
  • edited September 4
    Followed the instructions above, but now litespeed won't start.
    The error log reads as follows:
    2019-09-04 17:21:21.690291 [INFO] [Module: modcompress 1.1] has been initialized successfully
    2019-09-04 17:21:21.690397 [INFO] [Module: moddecompress 1.1] has been initialized successfully
    2019-09-04 17:21:21.690470 [INFO] [Module: cache 1.61] has been initialized successfully
    2019-09-04 17:21:21.690535 [INFO] [Module: mod_security Mod_Security 1.1] has been initialized successfully
    2019-09-04 17:21:21.690590 [ERROR] [SSL] Config SSL Context with Certificate File: /usr/local/lsws/usr/local/lsws/admin/conf/webadmin.crt and Key File:/usr/local/lsws/usr/local/lsws/admin/conf/webadmin.key get SSL error:
    2019-09-04 17:21:21.690597 [ERROR] [config:admin:listener:adminListener:ssl] failed to create new SSLContext for *:7080
    2019-09-04 17:21:21.690602 [ERROR] [config:admin:listener] No listener is available for admin virtual host!
    2019-09-04 17:21:21.690614 [ERROR] Fatal error in configuration, exit!

    The error seems to be in the line where it's looking for the cert and key file in /usr/local/lsws/usr/local/lsws/admin/conf

    I can SSH into the server. Any suggestions on where to find the config file to edit, and what the correct values should be?
  • I was able to undo the damage. In case anyone else shares the same fate, the solution is that the config file is located at /usr/local/lsws/admin/conf/admin_config.conf
  • This should be setup by default going forward for both OLS and LS admin after this commit is merged into the installer. When issuing hostname SSL it should also cover either OLS/LS admin area SSL now with the same certificate via symlink.

    https://github.com/usmannasir/cyberpanel/commit/9bedc44487333bc06a29cea62991471ed98f011a

    If you want to do this manually until then without having to do it via the webadmin settings it can easily be done via the below commands.

    LSWebadmin
    mv /usr/local/lsws/admin/conf/cert/admin.crt /usr/local/lsws/admin/conf/cert/admin.crt-bak
    mv /usr/local/lsws/admin/conf/cert/admin.key /usr/local/lsws/admin/conf/cert/admin.key-bk

    ln -s /usr/local/lscp/conf/cert.pem /usr/local/lsws/admin/conf/cert/admin.crt
    ln -s /usr/local/lscp/conf/key.pem /usr/local/lsws/admin/conf/cert/admin.key

    OLS webadmin
    mv /usr/local/lsws/admin/conf/webadmin.crt /usr/local/lsws/admin/conf/webadmin.crt-bak
    mv /usr/local/lsws/admin/conf/webadmin.key /usr/local/lsws/admin/conf/webadmin.key-bk

    ln -s /usr/local/lscp/conf/cert.pem /usr/local/lsws/admin/conf/webadmin.crt
    ln -s /usr/local/lscp/conf/key.pem /usr/local/lsws/admin/conf/webadmin.key

    restart lsws/ols
    service lsws restart

  • if your accessing the LSW web admin over port 8090 behind CF its going to fail to load stuff. You need to use the IP:8090 vs the hostname or domain if its behind CF as port 8090 is NOT supported by CF.
  • edited October 29
    You misunderstood. If I have unblocked port 8090 to login in: https://ip:8090, websites that are supported by cloudflare will stop working. They will show error 522.
    For them to work, I need to block port 8090 but then I can't use the cyberpanel because without the port unblocked I won't be able to access it.
  • i am curious about this, i am using cloudflare with no issues. I gray cloud my cyberpanel address https://ip:8090 and the rest is running with orange cloud no issues.
  • I read about ports what you provided in the links.
    And I don't know why port 8090 causes conflict and error 522.
    That's why I wrote this topic. I have default ports in the firewall after a new installation + 7080.
    I did the installation twice and the problem repeated.
    For some reason, a new CyberPanel installation causes such a conflict.
  • Nencio said:

    I read about ports what you provided in the links.
    And I don't know why port 8090 causes conflict and error 522.
    That's why I wrote this topic. I have default ports in the firewall after a new installation + 7080.
    I did the installation twice and the problem repeated.
    For some reason, a new CyberPanel installation causes such a conflict.

    may I know how did you set it up ?


    you mean like you were accessing something like `https://panel.domain.com:8090` and you got 522 ?

    what if you access it directly https://YOUR_SERVER_IP:8090 ?

  • I use login via ip:
    https://YOUR_SERVER_IP:8090
    I also checked through the domain:
    https://panel.domain.com:8090
    In both cases, when domains are supported by cloudflare and port 8090 is unblocked, there is error 522.
    Domains that have their own dns work OK.
  • I don't think you can possibly unblock 8090 through Cloudflare ?
  • qtwrk said:

    I don't think you can possibly unblock 8090 through Cloudflare ?

    For domains to work via cloudflare, port 8090 must be blocked.
    If the port is unblocked then domains served by cloudflare do not work because I have a 522 error.
  • Nencio said:

    qtwrk said:

    I don't think you can possibly unblock 8090 through Cloudflare ?

    For domains to work via cloudflare, port 8090 must be blocked.
    If the port is unblocked then domains served by cloudflare do not work because I have a 522 error.
    I'm sorry I'm bit of confused here, May I know what exactly is your issue here with CF?
  • edited November 4
    qtwrk said:


    I'm sorry I'm bit of confused here, May I know what exactly is your issue here with CF?

    Unlocked port 8090 on which you login in to CyberPanel causes error 522 on all domains that I have supported via cloudflare. These domains do not work.
  • when you mean unlocked port 8090 , what exactly does that mean ? and what was your URL to access it ? https://domain.com , or https://domain.com:8090?
  • edited November 4
    qtwrk said:

    when you mean unlocked port 8090 , what exactly does that mean ? and what was your URL to access it ? https://domain.com , or https://domain.com:8090?

    If port 8090 is unlocked for logging into CyberPanel:
    https://IP:8090
    Domains that are supported by cloudflare do not work. They show error 522.
  • What was the link you were using to access it ? With domain
Sign In or Register to comment.
CyberPanel Discord

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!