コード例 #1
 public function createOwnVhostStarter()
     if (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.enabled_ownvhost') == '1') {
         $mypath = makeCorrectDir(dirname(dirname(dirname(__FILE__))));
         // /var/www/froxlor, needed for chown
         $user = Settings::Get('phpfpm.vhost_httpuser');
         $group = Settings::Get('phpfpm.vhost_httpgroup');
         $domain = array('id' => 'none', 'domain' => Settings::Get('system.hostname'), 'adminid' => 1, 'mod_fcgid_starter' => -1, 'mod_fcgid_maxrequests' => -1, 'guid' => $user, 'openbasedir' => 0, 'email' => Settings::Get('panel.adminmail'), 'loginname' => 'froxlor.panel', 'documentroot' => $mypath);
         // all the files and folders have to belong to the local user
         // now because we also use fcgid for our own vhost
         safe_exec('chown -R ' . $user . ':' . $group . ' ' . escapeshellarg($mypath));
         // get php.ini for our own vhost
         $php = new phpinterface($domain);
         // get php-config
         if (Settings::Get('phpfpm.enabled') == '1') {
             // fpm
             $phpconfig = $php->getPhpConfig(Settings::Get('phpfpm.vhost_defaultini'));
         } else {
             // fcgid
             $phpconfig = $php->getPhpConfig(Settings::Get('system.mod_fcgid_defaultini_ownvhost'));
         // create starter-file | config-file
         // create php.ini (fpm does nothing here, as it
         // defines ini-settings in its pool config)
コード例 #2
 public function createOwnVhostStarter()
     if ($this->settings['phpfpm']['enabled'] == '1' && $this->settings['phpfpm']['enabled_ownvhost'] == '1') {
         $mypath = makeCorrectDir(dirname(dirname(dirname(__FILE__))));
         // /var/www/froxlor, needed for chown
         $user = $this->settings['phpfpm']['vhost_httpuser'];
         $group = $this->settings['phpfpm']['vhost_httpgroup'];
         $domain = array('id' => 'none', 'domain' => $this->settings['system']['hostname'], 'adminid' => 1, 'mod_fcgid_starter' => -1, 'mod_fcgid_maxrequests' => -1, 'guid' => $user, 'openbasedir' => 0, 'safemode' => '0', 'email' => $this->settings['panel']['adminmail'], 'loginname' => 'froxlor.panel', 'documentroot' => $mypath);
         // all the files and folders have to belong to the local user
         // now because we also use fcgid for our own vhost
         safe_exec('chown -R ' . $user . ':' . $group . ' ' . escapeshellarg($mypath));
         // get php.ini for our own vhost
         $php = new phpinterface($this->getDB(), $this->settings, $domain);
         // @FIXME don't use fcgid settings, but we don't have anything else atm
         $phpconfig = $php->getPhpConfig($this->settings['system']['mod_fcgid_defaultini_ownvhost']);
         // create starter-file | config-file
         // create php.ini
         // @TODO make php-fpm support this
コード例 #3
 public function createIpPort()
     $result_ipsandports_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` ORDER BY `ip` ASC, `port` ASC");
     while ($row_ipsandports = $result_ipsandports_stmt->fetch(PDO::FETCH_ASSOC)) {
         if (filter_var($row_ipsandports['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
             $ipport = '[' . $row_ipsandports['ip'] . ']:' . $row_ipsandports['port'];
         } else {
             $ipport = $row_ipsandports['ip'] . ':' . $row_ipsandports['port'];
         fwrite($this->debugHandler, '  apache::createIpPort: creating ip/port settings for  ' . $ipport . "\n");
         $this->logger->logAction(CRON_ACTION, LOG_INFO, 'creating ip/port settings for  ' . $ipport);
         $vhosts_filename = makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/10_froxlor_ipandport_' . trim(str_replace(':', '.', $row_ipsandports['ip']), '.') . '.' . $row_ipsandports['port'] . '.conf');
         if (!isset($this->virtualhosts_data[$vhosts_filename])) {
             $this->virtualhosts_data[$vhosts_filename] = '';
         if ($row_ipsandports['listen_statement'] == '1') {
             $this->virtualhosts_data[$vhosts_filename] .= 'Listen ' . $ipport . "\n";
             $this->logger->logAction(CRON_ACTION, LOG_DEBUG, $ipport . ' :: inserted listen-statement');
         if ($row_ipsandports['namevirtualhost_statement'] == '1') {
             // >=apache-2.4 enabled?
             if (Settings::Get('system.apache24') == '1') {
                 $this->logger->logAction(CRON_ACTION, LOG_NOTICE, $ipport . ' :: namevirtualhost-statement no longer needed for apache-2.4');
             } else {
                 $this->virtualhosts_data[$vhosts_filename] .= 'NameVirtualHost ' . $ipport . "\n";
                 $this->logger->logAction(CRON_ACTION, LOG_DEBUG, $ipport . ' :: inserted namevirtualhost-statement');
         if ($row_ipsandports['vhostcontainer'] == '1') {
             $this->virtualhosts_data[$vhosts_filename] .= '<VirtualHost ' . $ipport . '>' . "\n";
             if ($row_ipsandports['docroot'] == '') {
                  * add 'real'-vhost content here, like doc-root :)
                 if (Settings::Get('system.froxlordirectlyviahostname')) {
                     $mypath = makeCorrectDir(dirname(dirname(dirname(__FILE__))));
                 } else {
                     $mypath = makeCorrectDir(dirname(dirname(dirname(dirname(__FILE__)))));
             } else {
                 // user-defined docroot, #417
                 $mypath = makeCorrectDir($row_ipsandports['docroot']);
             $this->virtualhosts_data[$vhosts_filename] .= 'DocumentRoot "' . $mypath . '"' . "\n";
             if ($row_ipsandports['vhostcontainer_servername_statement'] == '1') {
                 $this->virtualhosts_data[$vhosts_filename] .= ' ServerName ' . Settings::Get('system.hostname') . "\n";
             // create fcgid <Directory>-Part (starter is created in apache_fcgid)
             if (Settings::Get('system.mod_fcgid_ownvhost') == '1' && Settings::Get('system.mod_fcgid') == '1') {
                 $configdir = makeCorrectDir(Settings::Get('system.mod_fcgid_configdir') . '/froxlor.panel/' . Settings::Get('system.hostname'));
                 $this->virtualhosts_data[$vhosts_filename] .= '  FcgidIdleTimeout ' . Settings::Get('system.mod_fcgid_idle_timeout') . "\n";
                 if ((int) Settings::Get('system.mod_fcgid_wrapper') == 0) {
                     $this->virtualhosts_data[$vhosts_filename] .= '  SuexecUserGroup "' . Settings::Get('system.mod_fcgid_httpuser') . '" "' . Settings::Get('system.mod_fcgid_httpgroup') . '"' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '  ScriptAlias /php/ ' . $configdir . "\n";
                 } else {
                     $domain = array('id' => 'none', 'domain' => Settings::Get('system.hostname'), 'adminid' => 1, 'mod_fcgid_starter' => -1, 'mod_fcgid_maxrequests' => -1, 'guid' => Settings::Get('phpfpm.vhost_httpuser'), 'openbasedir' => 0, 'email' => Settings::Get('panel.adminmail'), 'loginname' => 'froxlor.panel', 'documentroot' => $mypath);
                     $php = new phpinterface($domain);
                     $phpconfig = $php->getPhpConfig(Settings::Get('system.mod_fcgid_defaultini_ownvhost'));
                     $starter_filename = makeCorrectFile($configdir . '/php-fcgi-starter');
                     $this->virtualhosts_data[$vhosts_filename] .= '  SuexecUserGroup "' . Settings::Get('system.mod_fcgid_httpuser') . '" "' . Settings::Get('system.mod_fcgid_httpgroup') . '"' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '  <Directory "' . $mypath . '">' . "\n";
                     $file_extensions = explode(' ', $phpconfig['file_extensions']);
                     $this->virtualhosts_data[$vhosts_filename] .= '    <FilesMatch "\\.(' . implode('|', $file_extensions) . ')$">' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '      SetHandler fcgid-script' . "\n";
                     foreach ($file_extensions as $file_extension) {
                         $this->virtualhosts_data[$vhosts_filename] .= '      FcgidWrapper ' . $starter_filename . ' .' . $file_extension . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '      Options +ExecCGI' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '    </FilesMatch>' . "\n";
                     // >=apache-2.4 enabled?
                     if (Settings::Get('system.apache24') == '1') {
                         $mypath_dir = new frxDirectory($mypath);
                         // only create the require all granted if there is not active directory-protection
                         // for this path, as this would be the first require and therefore grant all access
                         if ($mypath_dir->isUserProtected() == false) {
                             $this->virtualhosts_data[$vhosts_filename] .= '    Require all granted' . "\n";
                     } else {
                         $this->virtualhosts_data[$vhosts_filename] .= '    Order allow,deny' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '    allow from all' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '  </Directory>' . "\n";
             } elseif (Settings::Get('phpfpm.enabled') == '1') {
                 $domain = array('id' => 'none', 'domain' => Settings::Get('system.hostname'), 'adminid' => 1, 'mod_fcgid_starter' => -1, 'mod_fcgid_maxrequests' => -1, 'guid' => Settings::Get('phpfpm.vhost_httpuser'), 'openbasedir' => 0, 'email' => Settings::Get('panel.adminmail'), 'loginname' => 'froxlor.panel', 'documentroot' => $mypath);
                 $php = new phpinterface($domain);
                 $phpconfig = $php->getPhpConfig(Settings::Get('phpfpm.vhost_defaultini'));
                 $srvName = substr(md5($ipport), 0, 4) . '.fpm.external';
                 if ($row_ipsandports['ssl']) {
                     $srvName = substr(md5($ipport), 0, 4) . '.ssl-fpm.external';
                 // mod_proxy stuff for apache-2.4
                 if (Settings::Get('system.apache24') == '1' && Settings::Get('phpfpm.use_mod_proxy') == '1') {
                     $this->virtualhosts_data[$vhosts_filename] .= '  <FilesMatch \\.php$>' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '  SetHandler proxy:unix:' . $php->getInterface()->getSocketFile() . '|fcgi://localhost' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '  </FilesMatch>' . "\n";
                 } else {
                     $this->virtualhosts_data[$vhosts_filename] .= '  FastCgiExternalServer ' . $php->getInterface()->getAliasConfigDir() . $srvName . ' -socket ' . $php->getInterface()->getSocketFile() . ' -idle-timeout ' . Settings::Get('phpfpm.idle_timeout') . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '  <Directory "' . $mypath . '">' . "\n";
                     $file_extensions = explode(' ', $phpconfig['file_extensions']);
                     $this->virtualhosts_data[$vhosts_filename] .= '   <FilesMatch "\\.(' . implode('|', $file_extensions) . ')$">' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '     AddHandler php5-fastcgi .php' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '     Action php5-fastcgi /fastcgiphp' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '      Options +ExecCGI' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '    </FilesMatch>' . "\n";
                     // >=apache-2.4 enabled?
                     if (Settings::Get('system.apache24') == '1') {
                         $mypath_dir = new frxDirectory($mypath);
                         // only create the require all granted if there is not active directory-protection
                         // for this path, as this would be the first require and therefore grant all access
                         if ($mypath_dir->isUserProtected() == false) {
                             $this->virtualhosts_data[$vhosts_filename] .= '    Require all granted' . "\n";
                     } else {
                         $this->virtualhosts_data[$vhosts_filename] .= '    Order allow,deny' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '    allow from all' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '  </Directory>' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '  Alias /fastcgiphp ' . $php->getInterface()->getAliasConfigDir() . $srvName . "\n";
             * dirprotection, see #72
             * @TODO deferred until 0.9.5, needs more testing
             $this->virtualhosts_data[$vhosts_filename] .= "\t<Directory \"'.$mypath.'(images|packages|templates)\">\n";
             $this->virtualhosts_data[$vhosts_filename] .= "\t\tAllow from all\n";
             $this->virtualhosts_data[$vhosts_filename] .= "\t\tOptions -Indexes\n";
             $this->virtualhosts_data[$vhosts_filename] .= "\t</Directory>\n";
             $this->virtualhosts_data[$vhosts_filename] .= "\t<Directory \"'.$mypath.'*\">\n";
             $this->virtualhosts_data[$vhosts_filename] .= "\t\tOrder Deny,Allow\n";
             $this->virtualhosts_data[$vhosts_filename] .= "\t\tDeny from All\n";
             $this->virtualhosts_data[$vhosts_filename] .= "\t</Directory>\n";
             * end of dirprotection
             if ($row_ipsandports['specialsettings'] != '') {
                 $this->virtualhosts_data[$vhosts_filename] .= $this->processSpecialConfigTemplate($row_ipsandports['specialsettings'], $domain, $row_ipsandports['ip'], $row_ipsandports['port'], $row_ipsandports['ssl'] == '1') . "\n";
             if ($row_ipsandports['ssl'] == '1' && Settings::Get('system.use_ssl') == '1') {
                 if ($row_ipsandports['ssl_cert_file'] == '') {
                     $row_ipsandports['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
                 if ($row_ipsandports['ssl_key_file'] == '') {
                     $row_ipsandports['ssl_key_file'] = Settings::Get('system.ssl_key_file');
                 if ($row_ipsandports['ssl_ca_file'] == '') {
                     $row_ipsandports['ssl_ca_file'] = Settings::Get('system.ssl_ca_file');
                 // #418
                 if ($row_ipsandports['ssl_cert_chainfile'] == '') {
                     $row_ipsandports['ssl_cert_chainfile'] = Settings::Get('system.ssl_cert_chainfile');
                 if ($row_ipsandports['ssl_cert_file'] != '') {
                     // check for existence, #1485
                     if (!file_exists($row_ipsandports['ssl_cert_file'])) {
                         $this->logger->logAction(CRON_ACTION, LOG_ERROR, $ipport . ' :: certificate file "' . $row_ipsandports['ssl_cert_file'] . '" does not exist! Cannot create ssl-directives');
                         echo $ipport . ' :: certificate file "' . $row_ipsandports['ssl_cert_file'] . '" does not exist! Cannot create SSL-directives' . "\n";
                     } else {
                         $this->virtualhosts_data[$vhosts_filename] .= ' SSLEngine On' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= ' SSLProtocol ALL -SSLv2 -SSLv3' . "\n";
                         // this makes it more secure, thx to Marcel (08/2013)
                         $this->virtualhosts_data[$vhosts_filename] .= ' SSLHonorCipherOrder On' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= ' SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= ' SSLVerifyDepth 10' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= ' SSLCertificateFile ' . makeCorrectFile($row_ipsandports['ssl_cert_file']) . "\n";
                         if ($row_ipsandports['ssl_key_file'] != '') {
                             // check for existence, #1485
                             if (!file_exists($row_ipsandports['ssl_key_file'])) {
                                 $this->logger->logAction(CRON_ACTION, LOG_ERROR, $ipport . ' :: certificate key file "' . $row_ipsandports['ssl_key_file'] . '" does not exist! Cannot create ssl-directives');
                                 echo $ipport . ' :: certificate key file "' . $row_ipsandports['ssl_key_file'] . '" does not exist! SSL-directives might not be working' . "\n";
                             } else {
                                 $this->virtualhosts_data[$vhosts_filename] .= ' SSLCertificateKeyFile ' . makeCorrectFile($row_ipsandports['ssl_key_file']) . "\n";
                         if ($row_ipsandports['ssl_ca_file'] != '') {
                             // check for existence, #1485
                             if (!file_exists($row_ipsandports['ssl_ca_file'])) {
                                 $this->logger->logAction(CRON_ACTION, LOG_ERROR, $ipport . ' :: certificate CA file "' . $row_ipsandports['ssl_ca_file'] . '" does not exist! Cannot create ssl-directives');
                                 echo $ipport . ' :: certificate CA file "' . $row_ipsandports['ssl_ca_file'] . '" does not exist! SSL-directives might not be working' . "\n";
                             } else {
                                 $this->virtualhosts_data[$vhosts_filename] .= ' SSLCACertificateFile ' . makeCorrectFile($row_ipsandports['ssl_ca_file']) . "\n";
                         // #418
                         if ($row_ipsandports['ssl_cert_chainfile'] != '') {
                             // check for existence, #1485
                             if (!file_exists($row_ipsandports['ssl_cert_chainfile'])) {
                                 $this->logger->logAction(CRON_ACTION, LOG_ERROR, $ipport . ' :: certificate chain file "' . $row_ipsandports['ssl_cert_chainfile'] . '" does not exist! Cannot create ssl-directives');
                                 echo $ipport . ' :: certificate chain file "' . $row_ipsandports['ssl_cert_chainfile'] . '" does not exist! SSL-directives might not be working' . "\n";
                             } else {
                                 $this->virtualhosts_data[$vhosts_filename] .= '  SSLCertificateChainFile ' . makeCorrectFile($row_ipsandports['ssl_cert_chainfile']) . "\n";
             $this->virtualhosts_data[$vhosts_filename] .= '</VirtualHost>' . "\n";
             $this->logger->logAction(CRON_ACTION, LOG_DEBUG, $ipport . ' :: inserted vhostcontainer');
      * bug #32
      * bug #unknown-yet
コード例 #4
 public function createIpPort()
     $result_ipsandports_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` ORDER BY `ip` ASC, `port` ASC");
     while ($row_ipsandports = $result_ipsandports_stmt->fetch(PDO::FETCH_ASSOC)) {
         if (filter_var($row_ipsandports['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
             $ipport = '[' . $row_ipsandports['ip'] . ']:' . $row_ipsandports['port'];
         } else {
             $ipport = $row_ipsandports['ip'] . ':' . $row_ipsandports['port'];
         $this->logger->logAction(CRON_ACTION, LOG_INFO, 'apache::createIpPort: creating ip/port settings for  ' . $ipport);
         $vhosts_filename = makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/10_froxlor_ipandport_' . trim(str_replace(':', '.', $row_ipsandports['ip']), '.') . '.' . $row_ipsandports['port'] . '.conf');
         if (!isset($this->virtualhosts_data[$vhosts_filename])) {
             $this->virtualhosts_data[$vhosts_filename] = '';
         if ($row_ipsandports['listen_statement'] == '1') {
             $this->virtualhosts_data[$vhosts_filename] .= 'Listen ' . $ipport . "\n";
             $this->logger->logAction(CRON_ACTION, LOG_DEBUG, $ipport . ' :: inserted listen-statement');
         if ($row_ipsandports['namevirtualhost_statement'] == '1') {
             // >=apache-2.4 enabled?
             if (Settings::Get('system.apache24') == '1') {
                 $this->logger->logAction(CRON_ACTION, LOG_NOTICE, $ipport . ' :: namevirtualhost-statement no longer needed for apache-2.4');
             } else {
                 $this->virtualhosts_data[$vhosts_filename] .= 'NameVirtualHost ' . $ipport . "\n";
                 $this->logger->logAction(CRON_ACTION, LOG_DEBUG, $ipport . ' :: inserted namevirtualhost-statement');
         if ($row_ipsandports['vhostcontainer'] == '1') {
             $without_vhost = $this->virtualhosts_data[$vhosts_filename];
             $close_vhost = true;
             $this->virtualhosts_data[$vhosts_filename] .= '<VirtualHost ' . $ipport . '>' . "\n";
             $mypath = $this->getMyPath($row_ipsandports);
             $this->virtualhosts_data[$vhosts_filename] .= 'DocumentRoot "' . $mypath . '"' . "\n";
             if ($row_ipsandports['vhostcontainer_servername_statement'] == '1') {
                 $this->virtualhosts_data[$vhosts_filename] .= ' ServerName ' . Settings::Get('system.hostname') . "\n";
             $is_redirect = false;
             // check for SSL redirect
             if ($row_ipsandports['ssl'] == '0' && Settings::Get('system.le_froxlor_redirect') == '1') {
                 $is_redirect = true;
                 // check whether froxlor uses Let's Encrypt and not cert is being generated yet
                 // or a renew is ongoing - disable redirect
                 if (Settings::Get('system.le_froxlor_enabled') && ($this->froxlorVhostHasLetsEncryptCert() == false || $this->froxlorVhostLetsEncryptNeedsRenew())) {
                     $this->virtualhosts_data[$vhosts_filename] .= '# temp. disabled ssl-redirect due to Let\'s Encrypt certificate generation.' . PHP_EOL;
                     $is_redirect = false;
                 } else {
                     $_sslport = $this->checkAlternativeSslPort();
                     $mypath = 'https://' . Settings::Get('system.hostname') . $_sslport . '/';
                     $code = '301';
                     $modrew_red = ' [R=' . $code . ';L,NE]';
                     // redirect everything, not only root-directory, #541
                     $this->virtualhosts_data[$vhosts_filename] .= '  <IfModule mod_rewrite.c>' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '    RewriteEngine On' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '    RewriteCond %{HTTPS} off' . "\n";
                     if (Settings::Get('system.le_froxlor_enabled') == '1') {
                         $this->virtualhosts_data[$vhosts_filename] .= '    RewriteCond %{REQUEST_URI} !^/\\.well-known/acme-challenge' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '    RewriteRule ^/(.*) ' . $mypath . '$1' . $modrew_red . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '  </IfModule>' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '  <IfModule !mod_rewrite.c>' . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '    Redirect ' . $code . ' / ' . $mypath . "\n";
                     $this->virtualhosts_data[$vhosts_filename] .= '  </IfModule>' . "\n";
             if (!$is_redirect) {
                 // create fcgid <Directory>-Part (starter is created in apache_fcgid)
                 if (Settings::Get('system.mod_fcgid_ownvhost') == '1' && Settings::Get('system.mod_fcgid') == '1') {
                     $configdir = makeCorrectDir(Settings::Get('system.mod_fcgid_configdir') . '/froxlor.panel/' . Settings::Get('system.hostname'));
                     $this->virtualhosts_data[$vhosts_filename] .= '  FcgidIdleTimeout ' . Settings::Get('system.mod_fcgid_idle_timeout') . "\n";
                     if ((int) Settings::Get('system.mod_fcgid_wrapper') == 0) {
                         $this->virtualhosts_data[$vhosts_filename] .= '  SuexecUserGroup "' . Settings::Get('system.mod_fcgid_httpuser') . '" "' . Settings::Get('system.mod_fcgid_httpgroup') . '"' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '  ScriptAlias /php/ ' . $configdir . "\n";
                     } else {
                         $domain = array('id' => 'none', 'domain' => Settings::Get('system.hostname'), 'adminid' => 1, 'mod_fcgid_starter' => -1, 'mod_fcgid_maxrequests' => -1, 'guid' => Settings::Get('phpfpm.vhost_httpuser'), 'openbasedir' => 0, 'email' => Settings::Get('panel.adminmail'), 'loginname' => 'froxlor.panel', 'documentroot' => $mypath);
                         $php = new phpinterface($domain);
                         $phpconfig = $php->getPhpConfig(Settings::Get('system.mod_fcgid_defaultini_ownvhost'));
                         $starter_filename = makeCorrectFile($configdir . '/php-fcgi-starter');
                         $this->virtualhosts_data[$vhosts_filename] .= '  SuexecUserGroup "' . Settings::Get('system.mod_fcgid_httpuser') . '" "' . Settings::Get('system.mod_fcgid_httpgroup') . '"' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '  <Directory "' . $mypath . '">' . "\n";
                         $file_extensions = explode(' ', $phpconfig['file_extensions']);
                         $this->virtualhosts_data[$vhosts_filename] .= '    <FilesMatch "\\.(' . implode('|', $file_extensions) . ')$">' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '      SetHandler fcgid-script' . "\n";
                         foreach ($file_extensions as $file_extension) {
                             $this->virtualhosts_data[$vhosts_filename] .= '      FcgidWrapper ' . $starter_filename . ' .' . $file_extension . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '      Options +ExecCGI' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '    </FilesMatch>' . "\n";
                         // >=apache-2.4 enabled?
                         if (Settings::Get('system.apache24') == '1') {
                             $mypath_dir = new frxDirectory($mypath);
                             // only create the require all granted if there is not active directory-protection
                             // for this path, as this would be the first require and therefore grant all access
                             if ($mypath_dir->isUserProtected() == false) {
                                 $this->virtualhosts_data[$vhosts_filename] .= '    Require all granted' . "\n";
                                 $this->virtualhosts_data[$vhosts_filename] .= '    AllowOverride All' . "\n";
                         } else {
                             $this->virtualhosts_data[$vhosts_filename] .= '    Order allow,deny' . "\n";
                             $this->virtualhosts_data[$vhosts_filename] .= '    allow from all' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '  </Directory>' . "\n";
                 } elseif (Settings::Get('phpfpm.enabled') == '1') {
                     // create php-fpm <Directory>-Part (config is created in apache_fcgid)
                     $domain = array('id' => 'none', 'domain' => Settings::Get('system.hostname'), 'adminid' => 1, 'mod_fcgid_starter' => -1, 'mod_fcgid_maxrequests' => -1, 'guid' => Settings::Get('phpfpm.vhost_httpuser'), 'openbasedir' => 0, 'email' => Settings::Get('panel.adminmail'), 'loginname' => 'froxlor.panel', 'documentroot' => $mypath);
                     $php = new phpinterface($domain);
                     $phpconfig = $php->getPhpConfig(Settings::Get('phpfpm.vhost_defaultini'));
                     $srvName = substr(md5($ipport), 0, 4) . '.fpm.external';
                     if ($row_ipsandports['ssl']) {
                         $srvName = substr(md5($ipport), 0, 4) . '.ssl-fpm.external';
                     // mod_proxy stuff for apache-2.4
                     if (Settings::Get('system.apache24') == '1' && Settings::Get('phpfpm.use_mod_proxy') == '1') {
                         $this->virtualhosts_data[$vhosts_filename] .= '  <FilesMatch \\.php$>' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '  SetHandler proxy:unix:' . $php->getInterface()->getSocketFile() . '|fcgi://localhost' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '  </FilesMatch>' . "\n";
                     } else {
                         $this->virtualhosts_data[$vhosts_filename] .= '  FastCgiExternalServer ' . $php->getInterface()->getAliasConfigDir() . $srvName . ' -socket ' . $php->getInterface()->getSocketFile() . ' -idle-timeout ' . Settings::Get('phpfpm.idle_timeout') . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '  <Directory "' . $mypath . '">' . "\n";
                         $file_extensions = explode(' ', $phpconfig['file_extensions']);
                         $this->virtualhosts_data[$vhosts_filename] .= '   <FilesMatch "\\.(' . implode('|', $file_extensions) . ')$">' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '     AddHandler php5-fastcgi .php' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '     Action php5-fastcgi /fastcgiphp' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '      Options +ExecCGI' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '    </FilesMatch>' . "\n";
                         // >=apache-2.4 enabled?
                         if (Settings::Get('system.apache24') == '1') {
                             $mypath_dir = new frxDirectory($mypath);
                             // only create the require all granted if there is not active directory-protection
                             // for this path, as this would be the first require and therefore grant all access
                             if ($mypath_dir->isUserProtected() == false) {
                                 $this->virtualhosts_data[$vhosts_filename] .= '    Require all granted' . "\n";
                                 $this->virtualhosts_data[$vhosts_filename] .= '    AllowOverride All' . "\n";
                         } else {
                             $this->virtualhosts_data[$vhosts_filename] .= '    Order allow,deny' . "\n";
                             $this->virtualhosts_data[$vhosts_filename] .= '    allow from all' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '  </Directory>' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= '  Alias /fastcgiphp ' . $php->getInterface()->getAliasConfigDir() . $srvName . "\n";
                 } else {
                     // mod_php
                     $domain = array('id' => 'none', 'domain' => Settings::Get('system.hostname'), 'adminid' => 1, 'guid' => Settings::Get('system.httpuser'), 'openbasedir' => 0, 'email' => Settings::Get('panel.adminmail'), 'loginname' => 'froxlor.panel', 'documentroot' => $mypath);
             // end of ssl-redirect check
              * dirprotection, see #72
              * @todo deferred until 0.9.5, needs more testing
              *       $this->virtualhosts_data[$vhosts_filename] .= "\t<Directory \"'.$mypath.'(images|packages|templates)\">\n";
              *       $this->virtualhosts_data[$vhosts_filename] .= "\t\tAllow from all\n";
              *       $this->virtualhosts_data[$vhosts_filename] .= "\t\tOptions -Indexes\n";
              *       $this->virtualhosts_data[$vhosts_filename] .= "\t</Directory>\n";
              *       $this->virtualhosts_data[$vhosts_filename] .= "\t<Directory \"'.$mypath.'*\">\n";
              *       $this->virtualhosts_data[$vhosts_filename] .= "\t\tOrder Deny,Allow\n";
              *       $this->virtualhosts_data[$vhosts_filename] .= "\t\tDeny from All\n";
              *       $this->virtualhosts_data[$vhosts_filename] .= "\t</Directory>\n";
              *       end of dirprotection
             if ($row_ipsandports['specialsettings'] != '') {
                 $this->virtualhosts_data[$vhosts_filename] .= $this->processSpecialConfigTemplate($row_ipsandports['specialsettings'], $domain, $row_ipsandports['ip'], $row_ipsandports['port'], $row_ipsandports['ssl'] == '1') . "\n";
             if ($row_ipsandports['ssl'] == '1' && Settings::Get('system.use_ssl') == '1') {
                 if ($row_ipsandports['ssl_cert_file'] == '') {
                     $row_ipsandports['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
                 if ($row_ipsandports['ssl_key_file'] == '') {
                     $row_ipsandports['ssl_key_file'] = Settings::Get('system.ssl_key_file');
                 if ($row_ipsandports['ssl_ca_file'] == '') {
                     $row_ipsandports['ssl_ca_file'] = Settings::Get('system.ssl_ca_file');
                 // #418
                 if ($row_ipsandports['ssl_cert_chainfile'] == '') {
                     $row_ipsandports['ssl_cert_chainfile'] = Settings::Get('system.ssl_cert_chainfile');
                 $domain = array('id' => 0, 'domain' => Settings::Get('system.hostname'), 'adminid' => 1, 'loginname' => 'froxlor.panel', 'documentroot' => $mypath, 'parentdomainid' => 0);
                 // override corresponding array values
                 $domain['ssl_cert_file'] = $row_ipsandports['ssl_cert_file'];
                 $domain['ssl_key_file'] = $row_ipsandports['ssl_key_file'];
                 $domain['ssl_ca_file'] = $row_ipsandports['ssl_ca_file'];
                 $domain['ssl_cert_chainfile'] = $row_ipsandports['ssl_cert_chainfile'];
                 // SSL STUFF
                 $dssl = new DomainSSL();
                 // this sets the ssl-related array-indices in the $domain array
                 // if the domain has customer-defined ssl-certificates
                 if ($domain['ssl_cert_file'] != '') {
                     // check for existence, #1485
                     if (!file_exists($domain['ssl_cert_file'])) {
                         $this->logger->logAction(CRON_ACTION, LOG_ERR, $ipport . ' :: certificate file "' . $domain['ssl_cert_file'] . '" does not exist! Cannot create ssl-directives');
                     } else {
                         $this->virtualhosts_data[$vhosts_filename] .= ' SSLEngine On' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= ' SSLProtocol ALL -SSLv2 -SSLv3' . "\n";
                         // this makes it more secure, thx to Marcel (08/2013)
                         $this->virtualhosts_data[$vhosts_filename] .= ' SSLHonorCipherOrder On' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= ' SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= ' SSLVerifyDepth 10' . "\n";
                         $this->virtualhosts_data[$vhosts_filename] .= ' SSLCertificateFile ' . makeCorrectFile($domain['ssl_cert_file']) . "\n";
                         if ($domain['ssl_key_file'] != '') {
                             // check for existence, #1485
                             if (!file_exists($domain['ssl_key_file'])) {
                                 $this->logger->logAction(CRON_ACTION, LOG_ERR, $ipport . ' :: certificate key file "' . $domain['ssl_key_file'] . '" does not exist! Cannot create ssl-directives');
                             } else {
                                 $this->virtualhosts_data[$vhosts_filename] .= ' SSLCertificateKeyFile ' . makeCorrectFile($domain['ssl_key_file']) . "\n";
                         if ($domain['ssl_ca_file'] != '') {
                             // check for existence, #1485
                             if (!file_exists($domain['ssl_ca_file'])) {
                                 $this->logger->logAction(CRON_ACTION, LOG_ERR, $ipport . ' :: certificate CA file "' . $domain['ssl_ca_file'] . '" does not exist! Cannot create ssl-directives');
                             } else {
                                 $this->virtualhosts_data[$vhosts_filename] .= ' SSLCACertificateFile ' . makeCorrectFile($domain['ssl_ca_file']) . "\n";
                         // #418
                         if ($domain['ssl_cert_chainfile'] != '') {
                             // check for existence, #1485
                             if (!file_exists($domain['ssl_cert_chainfile'])) {
                                 $this->logger->logAction(CRON_ACTION, LOG_ERR, $ipport . ' :: certificate chain file "' . $domain['ssl_cert_chainfile'] . '" does not exist! Cannot create ssl-directives');
                             } else {
                                 $this->virtualhosts_data[$vhosts_filename] .= ' SSLCertificateChainFile ' . makeCorrectFile($domain['ssl_cert_chainfile']) . "\n";
                 } else {
                     // if there is no cert-file specified but we are generating a ssl-vhost,
                     // we should return an empty string because this vhost would suck dick, ref #1583
                     $this->logger->logAction(CRON_ACTION, LOG_ERR, $domain['domain'] . ' :: empty certificate file! Cannot create ssl-directives');
                     $this->virtualhosts_data[$vhosts_filename] = $without_vhost;
                     $this->virtualhosts_data[$vhosts_filename] .= '# no ssl-certificate was specified for this domain, therefore no explicit vhost-container is being generated';
                     $close_vhost = false;
             if ($close_vhost) {
                 $this->virtualhosts_data[$vhosts_filename] .= '</VirtualHost>' . "\n";
             $this->logger->logAction(CRON_ACTION, LOG_DEBUG, $ipport . ' :: inserted vhostcontainer');
      * bug #32
      * bug #unknown-yet