Rspamd user interface available for port 9090

GG_jr · August 12, 2020, 10:24am

Hello everybody!

Is it possible to make the Rspamd user interface available for https://FQDN:9090/rspamd or, https://HOST_IP:9090/rspamd?

My NethServer is placed in DMZ and I access it from WAN, but only through the Cockpit (port 9090 forwarded from WAN to DMZ), thanks to 2FA.
The Rspamd user interface is only accessible through port 980 (no 2FA for the “Old GUI”).
At this point, if I am “in the Cockpit” from WAN and I want to access the Rspamd user interface, I also need to open a VPN session through my main router … (in the past, I only accessed the “Old GUI” via VPN, from LAN; I never expose port 980 to WAN, even if are two level of security: user & password and F2B).

TIA for your pro/cons responses to my question.

Gabriel

stephdl · August 13, 2020, 6:04am

I think you cannot change it like this because it is in the admin-conf.d web configuration that you find the rspamd fragment : /etc/httpd/admin-conf.d/rspamd.conf

We have no cockpit way to use a reverse proxy to the port 11334, maybe a classic reverse proxy to the 443 port could be done with a different path (EG: rspamd2), but you cannot modify it in the cockpit UI because it is a transpiled javascript code.

GG_jr · August 13, 2020, 12:22pm

Thank you for your response!

Kind regards,
Gabriel