Yes, I knew I can do that, but the you won’t be able to administer your zs box from outside if you don’t have a VPN connection available (which I don’t always have).
What I really do is to change zs http and https ports with a really simple postboot script.
What I do is copy the files httpd.conf and ssl.conf from /etc/httpd/conf to /Database/scripts
on those 2 files, I change the lines
on httpd.conf
Listen 80 ---> Listen on ssl.conf
Listen 443 ---> Listen I also usually change the following line on httpd.conf:
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]with
RewriteRule ^.*$ https://%{SERVER_NAME}:1443After that, I create a postboot cron script with the following content:
rm -f /etc/httpd/conf/httpd.conf
rm -f /etc/httpd/conf/ssl.conf
cp -a /Database/scripts/httpd.conf /etc/httpd/conf/
cp -a /Database/scripts/ssl.conf /etc/httpd/conf/
/etc/init.d/httpd restartThat way, I know for sure the ports will never be used by zs’ apache, I’m still able to connect from outside, and keep unwanted people from trying to break into the machine…. (at least fewer of them will find the correct port)