How to – Use the built in Dynamic Portal for Vicibox
Ok so I have had a LOT of people ask me how to use the dynamic portal for Vicibox or for their own Vicidial scratch install. I didn’t think I needed to go over this topic, since it’s in the install instructions for vicibox9, but since there has been a very high demand for it. This is the prelude for the live session I will be giving in a couple hours.
So there is an easy way to install this on your server if you are using a scratch install for Leap by adding the repo for Vicibox that matches your Linux distro. You can go to the url below:
https://download.opensuse.org/repositories/home:/vicidial:/vicibox/
Once you find the Leap version you are using, just add the repo such as this: For this example, Leap 15.2
The Steps – Vicibox Dynamic Portal
Step 1 – Add the Vicibox repo
zypper ar https://download.opensuse.org/repositories/home:/vicidial:/vicibox/openSUSE_Leap_15.2/home:vicidial:vicibox.repo
Step 2 – Install the needed files
After you add the repo, you can just type:
zypper install vicibox*
Step 3 – Edit the apache config files for dynamic portal
For this next part I will show you the code for the dynamic portal conf file incase you are trying to install this on another OS. Here is the dynportal.conf file which is in /etc/apache2/vhost.d/ and you can find an example of the ssl version below in the picture
<VirtualHost *:81>
ServerAdmin admin@company.com
# This needs to be different from other vhosts otherwise they'll get
# mod_cband applied to it too since it works by ServerName not VHost
ServerName dynportal.company.com
#ServerAlias
DocumentRoot /srv/www/vhosts/dynportal
ErrorLog /var/log/apache2/dynportal-error_log
#CustomLog /var/log/apache2/access_log combined
CustomLog /dev/null combined
HostnameLookups Off
UseCanonicalName Off
ServerSignature Off
TraceEnable Off
Include /etc/apache2/conf.d/php7.conf
Include /etc/apache2/conf.d/mod_deflate.conf
Include /etc/apache2/conf.d/mod_cband.portal
DirectoryIndex index.html index.php index.htm
# Prevent access to debug and other things
<Files ~ "^\.ht">
Require all denied
</Files>
<Files ~ "^\debug.txt">
Require all denied
</Files>
<Directory "/srv/www/vhosts/dynportal/inc">
Require all denied
</Directory>
# And allow our directory to be served finally
<Directory "/srv/www/vhosts/dynportal">
Options FollowSymLinks
AllowOverride None
Require all granted
</Directory>
# Take care of CSS and some other web-crap security things
<IfModule mod_headers.c>
Header always set X-Frame-Options: DENY
Header always set X-XSS-Protection "1; mode=block"
Header always set X-Content-Type-Options: nosniff
Header always set Content-Security-Policy "script-src 'self'; object-src 'self'"
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"
</IfModule>
</VirtualHost>
Make sure you change the domain and email and then restart Apache: service apache restart
<VirtualHost *:446>
ServerAdmin admin@agentwebdialer.com
# This needs to be different from other vhosts otherwise they'll get
# mod_cband applied to it too since it work by ServerName not VHost
ServerName agentwebdialer.com
#ServerAlias
DocumentRoot /srv/www/vhosts/dynportal
ErrorLog /var/log/apache2/dynportal-error_log
#CustomLog /var/log/apache2/access_log combined
CustomLog /dev/null combined
HostnameLookups Off
UseCanonicalName Off
ServerSignature Off
TraceEnable Off
Include /etc/apache2/conf.d/php7.conf
Include /etc/apache2/conf.d/mod_deflate.conf
Include /etc/apache2/conf.d/mod_cband.portal
DirectoryIndex index.html index.php index.htm
# Configure SSL cert
SSLEngine on
SSLCertificateFile /etc/certbot/live/agentwebdialer.com/cert.pem
#SSLCACertificateFile /etc/apache2/ssl.crt/CA_chain.crt
SSLCertificateKeyFile /etc/certbot/live/agentwebdialer.com/privkey.pem
# SSL Options
<FilesMatch "\.(php)$">
SSLOptions +StdEnvVars
</FilesMatch>
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
# Prevent access to debug and other things
<Files ~ "^\.ht">
Require all denied
</Files>
<Files ~ "^\debug.txt">
Require all denied
</Files>
<Directory "/srv/www/vhosts/dynportal/inc">
Require all denied
</Directory>
# And allow our directory to be served finally
<Directory "/srv/www/vhosts/dynportal">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
# Take care of CSS and some other web-crap security things
<IfModule mod_headers.c>
Header always set X-Frame-Options: DENY
Header always set X-XSS-Protection "1; mode=block"
Header always set X-Content-Type-Options: nosniff
Header always set Content-Security-Policy "script-src 'self'; object-src 'self'"
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"
</IfModule>
</VirtualHost>
Step 4 – Change the default settings for the dynamic portal
Make sure you change the defaults.inc.php file in /srv/www/vhosts/dynportal/inc
Step 5- Open Ports on Firewall
There is a service added to the yast firewall to add the dynamic portal named viciportal, make sure you add this to the “public” zone
Step 6 – Add Crontab Entry
The last step is to add a crontab entry for the dynamic portal entries as such:
### ViciBox integrated firewall, by default just load the VoIP Black list and reload it every 4 hours
### You can lock everyone out of your server if you set this wrong, so understand what you are doing!!!
@reboot /usr/local/bin/VB-firewall.pl --whitelist=ViciWhite --dynamic --quiet
* * * * * /usr/local/bin/VB-firewall.pl --whitelist=ViciWhite --dynamic
Step 6 – Change folder permissions & Restart Apache
chmod -R 775 /srv/www/vhosts/dynportal
service apache restart
Step 7 – You’re Done! Check it out!
After you restart apache and open the port in the firewall, you should be able to go to http://yourserver:81/valid8.php or https://yourserver:446/valid8.php for SSL and see the following:
Well, that’s it, I did this from memory instead of trying it from scratch so if I missed anything, I’ll update the instructions, just leave a comment below. Thanks. See you guys soon at the Live session: https://fb.me/e/5zj1fJ9Fg
-Nox