Change the auto logoff time

Is there a way I can change the auto logoff time for both Nodeworx and Siteworx? As I have been doing a lot of stuff getting my domains up and running, I will be working with a different program then come back to either page, and I have to relog in. I want to extend the auto logoff time, so I do not have to relog back on after a couple of minutes of no activity.

Hello—

The setting is located in ~iworx/iworx.ini. It is idle_timeout, under the [session] header. It should be set to 1200 by default–the setting is in seconds (so the default is about 20 minutes).

Thanks,
-Jenna
Friendly Neighborhood InterWorx Support Manager

Thank you Jenna.

I do have another question, I followed the steps from forums.interworx-com/t/letss-encrypt-ssl-for-server-name/15303(can’t post links so I changed the format) but when I log into the Nodeworx it isn’t secure. I can log into the siteworx and that is secure. What do I need to do? I did change the URL from the IP to the domain name.

Hi

The Interworx-SSL needs to have the correct SSL

We always use the server FQDN SSL for all services, so if say the server FQDN was myserver.url, and mail was mail.myserver.url, webserver was myserver.url and www.myserver.url and FTP was ftp.myserver.url

You would generate the SSL using Lets Encrypt to cover myserver.url, www.myserver.url, mail.myserver.url and ftp.myserver.url and then set nodeworx server SSL to use the siteworx domain myserver.url SSL

This then covers all services and is easy to update, as nodeworx SSL uses siteworx SSL, which auto updates the SSL, and thereby keeping the nodeworx SSL uptodate

If this is not the issue, you would need to give more details.

If you prefer, you could PM me the nodeworx link and I can test externally

Many thanks

John

Hello–

I would not recommend using the method in that forum post, really.

Here is our documentation on how to generate SSL certificates for system services: How to: Manage SSL Certificates For System Services — InterWorx documentation

The recommended way is to use Let’s Encrypt to generate the SSLs using the hostname (this requires that the hostname domain a) resolves to the server and b) is not a SiteWorx account): How to: Manage SSL Certificates For System Services — InterWorx documentation

Then you would access NodeWorx with

https://hostname.com:2443/nodeworx

and SiteWorx with

https://hostname.com:2443/siteworx

And both will be covered. Also, it will automatically renew itself (which the method in that old forum post will not).

If you want to know the method in the forum post, of applying a domain-level SSL to system services, is the domain that you used ALSO the hostname of the server?

It is recommended to first always check our documentation for instructions before checking the forum, since a lot of posts on the forum can be out of date. Our documentation is located at docs.interworx.com, which redirects to the appendix link above.

Hi @IWorx-Jenna

I am sorry, are you sure using siteworx domain for nodeworx SSL settings does not autogenerate/update

We have been using LE that way for since it was introduced and have never had any issues or manually had to generate the SSL once setup and also, as we need access to the server FQDN email, a siteworx easily covers this whereas I thought allowing nodeworx server generated LE to cover services would not allow email facilities

It may have changed on IW7 perhaps, but I hope not

@Donnti does need to provide more details to fully understand his issue though, as I did not think you could separate /nodeworx from /siteworx apart from if you change in iworx.ini but why would you

Many thanks

John

Hello–

The cert in SiteWorx will automatically renew, but as far as I’ve always been aware, it had to be manually re-applied to the system services every three months. That was part of the whole reason we set up an option to generate an LE cert for system services, using the hostname, directly. So I am surprised that you have never had to re-apply the domain-level SSL cert to system services (meaning, navigate to Server > SSL and click “update certificates”).

I don’t know what you mean by “would not allow email facilities”. Could you clarify?

Thanks,
-Jenna

Hi Jenna

Many thanks

Sorry if you choose to use siteworx SSL it requires no manual update

This is how it LE was originally used for nodeworx SSL and rsync from siteworx SSL. The reason for the direct nodeworx SSL LE was users were asking for that as they did not want to setup a siteworx account

If there is no siteworx account there is no email account for ted server FQDN.

Yo use email on server FQDN requires a siteworx account

Many thanks

John

Hello–

Again, that is not how it was originally set up, but maybe something changed in the last few years and I was unaware (I had so, so many support tickets running into that issue, where they had to manually update the System SSL certs to apply the new domain-level SSL to it every three months). Most folks stopped using that method a few years ago, once we added the new way of doing it (2019 or so?), so I may just not remember that changing.

I don’t know what you mean by “If there is no siteworx account there is no email account for ted server FQDN”.

The mail services can use the hostname for their SSLs without any issue. A SiteWorx account is not needed for that. You can use the hostname for the mail service FQDN. That is what most folks seem to do. You do not need to have a SiteWorx account for the hostname for mail services–you never really did (or at least not in the six years I’ve been around. Maybe it was different prior to that). It just has to resolve to the server.

Thanks,
-Jenna

Hi Jenna

Many thanks

In the very early days that was correct and a lot of users did not understand

You can use nodeworx SSL LE as you post or use a siteworx domain for SSL. This then updates nodeworx SSL

Sorry the email was not for mailserver SSL

It is if you need email accounts on the server FQDN

Many thanks

John

Hello–

I think I’m still not understanding.

Yes, if you want email accounts on the server, they have to be associated with a SiteWorx account.

The FQDN listed on the MTA page in NodeWorx (which is what I am referring to) does not have to be a SiteWorx account. You never have to make a SiteWorx account for the hostname in order for mail services, in general to work.

Thanks,
-Jenna

Hi Jenna

Sorry I think I may have taken off topic slightly but just needed to be sure that using a siteworx account for nodeworx SSL was still in use. I think your support tickets over manual renewal were more to do with users not implementing code similar to this thread from 2016.

Server SSL Certificate via LetsEncrypt - NodeWorx / General Discussion - Interworx Forum

It was not long after that nodeworx SSL could be generated using LE but also use a siteworx account, which I think just changes the location of the SSL files

Anyway sorry for taking off topic

Donnti issue is /siteworx is secure but /nodeworx is not

After thinking about this, it could be stale browser cache but woudl need more details

Hopefully donnti will post back or open a support ticket

Many thanks and hope you have a lovely weekend

John

Hello–

Oh, okay, yeah, a custom code like that would explain why the functionality is different than the default. Good to know someone came up with that.

-Jenna