Need help with implementing Authorization with Realms on certain URL

[prmx89]

Hi there! How are you all? It's my very first post, so please guide me if I did something wrong

I have one issue I would like to fix: I would like to restrict access to some certain urls with ports using realms. Let say my domain is: https://www.example.com

I can block urls way like this: https://www.example.com/blocked (I learned that from youtube tutorial:

) but I don't know/ I can't block urls with listening port way like this: https://www.example.com:888/blocked

The thing is that I use Cyberpanel with preinstalled OpenLiteSpeed, and Cyberpanel admin panel URLs are way like this: https://www.example.com:8888 (with listening port number in the end of url, for example I would like to set up realm authorisation for this URL:

https://www.example.com:8888/phpmyadmin

It's like an extra layer of security to phpmyadmin panel.. Is anybody know how to do it?

Many thanks in advance for any hint!
Pete

 

[Cold-Egg]

Hi Pete,

Protect the CyberPanel should be good enough since you access the phpmyadmin via the Cyberpanel.
Here are the steps:
1. Remove the CyberPanel port, follow https://community.cyberpanel.net/t/how-to-remove-port-8090-from-cyberpanel/30648
2. Create realm protection, follow https://docs.litespeedtech.com/cloud/images/wordpress/#phpmyadmin-access - Method 3
3. Go to the virtual host you created in Step 1, and set a static context like the following,

context / {
  location                /usr/local/CyberCP/
  allowBrowse             1
  realm                   example

  rewrite  {
    enable                1
    inherit               1
REWRITERULE ^(.*)$ HTTP://cyberpanel/$1 [P]
  }
  addDefaultCharset       off

  phpIniOverride  {

  }
}

It works from my test.

 

[prmx89]

Hmm.. thank you for your effort! I had some issues implementing this, but when I finally sorted this out I just noticed that: the new subdomain works as expected, port removed but just for new subdomain, main domain remains the same, I can access old link like: example.com:8090/phpmyadmin while new subdomain is okay: admin.example.com/phpmyadmin

BUT

If I create a website from scratch with removed port like you guided me, then main domain points to cyberpanel admin panel instead of my site

Anyway I had idea to lock out access for phpmyadmin panel which I'm able to do on subdomain, but the point is - while using main domain like:

example.com:8090/phpmyadmin

I'm still able to access phpmyadmin panel, so its basically no solution at all unless I will be able to block 'example.com:8090' somehow in OpenLiteSpeed? so then I will use admin.example.com subdomain and I set up Auth with Realms on this one.. I hope you know what I mean