End User CP Configuration

With End User CP Configuration you can configure most of the important aspects of CP+, like install new modules, upgrade existing modules, and upgrade CP+ itself. It provides means to change the port and address, select different languages, enable or disable SSL encryption, etc.

To be able to do this, you should:

1. Log into CP+ at http://cpplus_host:10000/ as admin and with your server root password:
2. In the left information panel click System Administration.
3. On the page that appears scroll down to the Advanced Management section and click the End User CP Configuration icon.



• IP Access Control to configure End User CP server to deny/allow access only from certain IP addresses;
• Ports and Addresses to change the port number that End User CP listens on, or have it listen on only a single IP address;
• User Interface to edit user interface options used by all End User CP modules;
• Operating System to change the operating system End User CP treats your system as;
• Language to choose which language End User CP will use for displaying titles, prompts and messages;
• Authentication to protect your End User CP server from brute-force password cracking attacks and more;
• SSL Encryption to be able to use SSL encrypted connections to your CP+ server;
• End User CP Module Configuration to configure necessary modules;
• Available Modules to select which installed End User CP modules are visible to users;
• Module Restrictions to control which End User CP modules are available to different users and groups;
• Allowed Users and Groups to limit which unix users and groups are allowed to log in;
• Access Control Options to configure various access control options that apply to End User CP modules and users.

 IP Access Control

This option allows to restrict access to the CP+ server to just those addresses that are trusted. By default, any address is allowed to access CP+.

Set the addresses you allow to access from, or list the specific addresses that you allow/deny access. Click Save after changes.

 Ports and Addresses

By default, the CP+ server will listen on every active IP address on the system. The Ports and Addresses option helps to set CP+ to listen only on one of them.

In the Listen on Port field specify the network port on which CP+ will listen. Click Save.

 User Interface

This option allows you to configure CP+ user interface. For instance, you can configure where on the page CP+ will display the login name and host name of the server.

Some of the options displayed are:

• Display login and hostname: set where you want user login and hostname to appear in CP+.
• Hostname to display in End User CP: you can choose between real hostname, hostname from URL, domain name from URL.
• After login, always go to module: you can choose which module the user will go directly upon login.

Make sure to save changes.

 Operating System

CP+ knows how to interact with your system based on configuration files for each module, that are selected based on the operating system configured here. There's no need in updating this info, unless after upgrading your system, some configuration files were moved to new locations.

Here you can set the Search path for both programs (e.g system commands) and for libraries (such as for the password encryption library).
Note: these options hardly ever need to be changed, unless you have installed system tools and configuration files in odd locations on your system.

 Language

CP+ supports a large number of languages for titles and module text. This page allows you to choose the language for user CP+.

 Authentication

This CP+ option allows to prevent password cracking attacks on your server. If your CP+ server is widely accessible, and provides service to many users, it's recommended to configure this option in order to maximize the security of your system.

Some of the options displayed are:

• Password timeouts: if enabled, CP+ will block hosts that have a given number of failed login attempts by limiting the frequency of login attempts.
• Check Log blocked hosts, logins and authentication failures to syslog if you want CP+ to log all failures and blocked addresses to syslog.
• Session authentication: if enabled, CP+ will log users out after a specified time of inactivity, which prevents unauthorized users from accessing the server by simply using your computer.

Make sure to click Save for the changes t take effect.

 SSL Encryption

If your system has the OpenSSL libraries installed, you will be able to use SSL encrypted connections to your CP+ server. You will maximize the security of your server by allowing password and user information to be sent in an encrypted form. In case if you are going to access your CP+ server from across the Internet, it is highly recommended that you use SSL encrypted sessions.

 End User CP Module Configuration

One of the advantages of CP+ is that it's completely modular. Every server daemon, system feature and CP+ feature has its own module. This option allows to configure any module available to in your CP+ .

To configure module, choose one from the list, modify it and click Save for the changes to take effect.

 Available Modules

When you enter the Available Modules page, you can see the list of modules, available for users.

To make some of the installed End User CP modules invisible for users, uncheck boxes next to them and save changes.

 Module Restrictions

This option allows you to control which End User CP modules are available to different users and groups.
Important: modules that are not selected on the Available Modules page will never be available to users, even if they are selected here.

If you have no restrictions, but want to create one, click Add a new user or group restriction. The following page will show:

• Apply to: choose which users or groups End User CP modules are available to.
• Modules check which modules will be available for chosen users and groups.

Click Create.

You can later delete or modify existing restrictions.

 Allowed Users and Groups

This option allows to limit which unix users and groups are allowed to log into CP+ using this form.

 Access Control Options

This option allows to configure various access control options that apply to End User CP modules and users. These options are very much like those in the Global ACL (access control lists )for each user in the CP+ Users module.

• Set Root directory for file chooser: you can set user's home directory or enter the one of your own.
• Set Users visible in user chooser: it can be all users or only some specific users that you set.
• Set Groups visible in group chooser: it can be all groups or only some specific groups that you set.

Click Save to apply changes.