Web-server is the server which accepts HTTP-requests from clients (usually from web-browsers) and gives them HTTP-responses (usually with an HTML-page, image, file, media-stream or other data). Web server is called software that performs the functions of a web server, and directly the computer on which this software runs.
The client (usually a web-browser) sends to the web-server requests for resources indicated by URLs. Resources are the HTML-pages, images, files, media-streams or other data. In response the web-server sends the requested data to the client. This exchange is is done within Hyper Text Transfer Protocol (HTTP).
The “Web” module is located in “Fileserver” menu. This module is designed to configure and manage the web-server and contains four tabs: “Web server”, “Settings”, “Web resources” and “Log”.
On the “Web server” tab you can see status of this service and the “Disable” button (or “Enable”, if the module is disabled) and last log messages.
The “Settings” tab is designed to configure ICS CUBE web-server.
The “Host name” field defines the external domain name of the server. Required for correct work of the web-resource by domain name.
The “Administrator E-mail” field allows to specify email address of a person responsible for web-server. Needed in case of trouble of server operation.
The “HTTP port” field allows to specify port at which the web-server accepts HTTP-requests (by default this port is set to 80).
The “HTTPS port” field allows to specify port at which the web-server accepts HTTPS-requests (by default this port is set to 443).
The “Certificate for HTTPS” field allows to assign the service a certificate previously created in the corresponding module for the server to work over the secure HTTPS protocol using SSL.
Check the box “Redirect from HTTP to HTTPS” if you want the web-server to insist on using secure connection even if a client requested otherwise.
Check the “Automatically create a permitting rule” box to create a permitting rule in the firewall of ICS CUBE for HTTP/HTTPS ports of the web-server to be accessed from external networks.
Attention! When this flag is set, the Anti DNS Pinning (DNS rebinding) vulnerability will be opened, and the system administrator is responsible for this.
The “Authentication type” field. If your web-resource or virtual host are not intended for guest (public) access, this option is determines how users will undergo authorization to use the resource.
The “Web resources” tab designed to manage own websites placed on ICS CUBE.
There is an ability to create a following web resources types:
|Web resource||Responds to HTTP-requests at IP-addresses of ICS CUBE interfaces.|
|Virtual host||Allows to create an unlimited number of web-resources, each responsible for their own website, distinguished by the site name.|
|Virtual host with reverse proxy||Allows ICS CUBE to redirect requests to a website with specified name in case the server of this website is located inside the company network (analogue of port forwarding).|
|Virtual host shortcut||Creates an alias for virtual host.|
For adding a web resource you need to press the “Add” button and select a “Web resource”.In the opened window you should fill in a required fields - the “Resource name” and the “Source”, and the optional field - the “Description”.
The “Resource name” can be any domain name.
The “Source” is the directory from the structure of the ICS CUBE file storage in which the content of the website will be located.
If necessary, it is possible to create a new folder in the directory.
The “Description” is intended for a brief description of the resource that will be displayed in the list of web resources, as well as in the file storage next to the corresponding folder.
The “Allow directory listing” checkbox allows to display a list of all files and folders of the resource, if no index.html or index.php files are found in the root folder.
The “Allow execution of PHP scripts” checkbox allows to execute PHP-scripts on HTML-pages.
The “Default Encoding” field determines the value of the encoding of the displayed HTML-pages of the resource by default.
The “Access permissions” tree determines the list of users who have access to view the website.
The “Guest login” checkbox allows viewing and writing by any source.
The virtual host is the main resource when website creating.
For adding a virtual host you need to press the “Add” button and select a “Virtual host”. In the opened window you should fill in a required field - the “Source”, and the optional fields - the “Virtual host” and the “Description”.
The virtual host is similar to the name of the web resource, but must contain the domain name of the website to which it will respond by HTTP-request. For the correct work of virtual host, in most cases, it is necessary to configure the DNS-zones of the domain name.
Setting up a virtual host is similar to setting up a web resource. In addition to the specified settings, the following parameters can also be configured in the virtual host:
The “Create a shortcut for www.%domainname%” checkbox allows to configure DNS-records for receiving HTTP-requests both to the website name indicated in the name, and to it with the addition of the WWW domain.
The “Use Web Application Firewall” checkbox allows to enable a Web Application Firewall module.
The “HTTPS settings” section designed for choosing to use the general settings of the web server, the LetsEncrypt certificate, or to indicate to this website a certificate created in advance in the corresponding module. Specifying a certificate manually activates the “Redirect from HTTP to HTTPS” flag, which is necessary so that this website always works over a secure connection.
The “ Add record on DNS server” checkbox allows to create zone for this host and the records at the ICS CUBE DNS-server:
As well as a web resource, you can configure the level of user access (reading only) to the virtual host.
For adding a virtual host with reverse proxy you need to press the “Add” button and select a “Virtual host with reverse proxy”. In the opened window you should fill in a required field - the “Redirect HTTP(S) to address”, and the optional fields - the “Virtual host” and the “Description”.
The “Redirect HTTP to HTTPS” checkbox activates the field for entering the address to which HTTP-requests will be redirected.
The “Redirect HTTPS to address” field designed to enter the address to which HTTPS requests will be redirected.
As addresses for redirection it is possible to specify: IP-address; domain <domain: port>; <path_to_file>.
The “Add record on DNS server” and the Use Web Application Firewall” checkboxes are similar to corresponding checkboxes at virtual host.
If a virtual host has been created on the ICS CUBE and it is necessary for it to respond to requests for a different domain name, you can use the shortcut.
For adding a virtual host with reverse proxy you need to press the “Add” button and select a “Virtual host shortcut”. In the opened window you should fill in a required fields - the “Shortcut” and the “Virtual host”, and the optional field - the “Description”. As a shortcut you need to specify the name, and in the “Virtual host” field select from the list the one to which the shortcut will belong.
The “Add record on DNS server” checkbox is similar to corresponding checkbox at virtual host.
Every time you create a web-resource or a virtual host at ICS CUBE a database at MySQL database server of ICS CUBE is created and assigned to this website. The website can use the database by PHP-requests.
For displaying the parameters of the resource database, you should select it in the general list and click the “Database” button.
A dialog window opens with the parameters for connecting to the database: database name, login (User) and password for connection. These parameters should be used to connect to the database from PHP-scripts. The window also displays three function buttons:
The database is loaded into the ICS CUBE asynchronously, this allows you to continue working with the ICS CUBE without waiting for the download to finish. The download process will be shown at the right top bar.
During loading all buttons become inaccessible. It is possible to cancel the loading of the database through the “Download Files” button on the top panel of the main menu.
The “Log” tab displays a summary of all system messages of the corresponding servers with the date and time. The log is divided into pages, using the “forward” and “back” buttons it is possible to go from page to page, or enter the number of the desired page.
Log entries are highlighted in color depending on the type of message. Normal system messages are marked in white, system status messages (on / off, user connection) are green, warnings are yellow, errors are red.
In the upper right corner of the log is a search bar. And the ability to select the period for displaying the event log. By default, the log displays events for the current date. If necessary, you can save the log data to a file by clicking the “Export” button or delete the log data for a certain period by clicking the “Delete logs” button.