Simpler path to siteworx login

Right now, when users want to login to the controlpanel, we have a number of ways.

  • Let the user access the controlpanel without HTTPS. -> they might as well stand in a streetcorner and shout out their user information.
  • Give every customer a SSL certificate and dedicated IP -> Overly expensive, and way over majority of the users need.
  • Use the servers hostname to access the controlpanel -> Hard to explain over the phone (use HTTPS, port number, and siteworx with and x istead of 'ks') … support calls get overly complicated and fustrates the customer. Not to mention that most customers hit send after filling out the password, before you have a chanse to tell them to change the domain name … and you have to do it all over again.

I propose that ‘<domain>/cp-login’ redirects to ‘https://serverhostname:2443/siteworx’ with the right domain name prefilled. That way, we only need a single valid SSL Wildcard for all our servers. The users have an easy way to access the controlpanel, and there is no hassel with domains in the login process.

Using SEF redirects is not a consern for a login to the controlpanel any way. So a header redirect or similar, that places the domain name in a $_POST for printout in the form, shouldn’t be a problem.

Good ideas. I’m saving your post to bring up during the next meeting. This should be addressed at least for Siteworx. The invalid certificate screen is very scary for those who aren’t used to it too.

We solved this problem with a (complex) sync operation with our company website and all of our InterWorx boxes using the API. In summary, our customers are told to login through our website, which maps their domain to the server they are on. They don’t bookmark the server URL, and it gives us the freedom to move them to new servers as old ones retire. I admit this solution is very complex, but we no longer get support calls from customers when we moved their site overnight “and it was working just fine” before we did.

To answer your need, it is already possible.

Edit cat /etc/httpd/conf.d/iworx.conf (or make a new .conf with your own rules). Look for the section that looks like this:

# setup the basic redirects

RewriteEngine on
RewriteRule ^/siteworx(/)?$ https://%{HTTP_HOST}:2443/siteworx/\?domain=%{HTTP_HOST} [R,L]
RewriteRule ^/nodeworx(/)?$ https://%{HTTP_HOST}:2443/nodeworx/ [R,L]

If you add a rule like this, it will do what you want:

RewriteRule ^/cp-login(/)?$ https://serverhostname:2443/siteworx/\?domain=%{HTTP_HOST}

The SiteWorx login allows the domain or any hostname of that domain for the Domain field in my experience. It should work fine. We have a similar rule in our configuration that pushes all of customer sites through our login portal I described above (/control-panel, /webmail, etc).

Thanks, I totally missed this thread, and found the same solution when I was looking around in the iworx.conf file today.
Interworx should really make this standard in the file.

RewriteRule ^/siteworx(/)?$ https://serverhostname:2443/siteworx/\?domain=%{HTTP_HOST} [R,L]
RewriteRule ^/nodeworx(/)?$ https://serverhostname:2443/nodeworx/ [R,L]


Please could I ask if I have missed anything on the redirects, it all seemed fairly straight forward but it does not redirect for me.

I changed the redirect rule to that of evanion, and thought serverhostname should be the FQDN i.e, but I have tried exactly and FQDN, on each I restarted iworx first, followed by httpd.

The issue is, it does not appear to redirect.

I am on Centos 6.4 64 bit, with interworx 4 latest.

Any help would be appreciated

Many thanks