How To Point A SubDomain To A Non-Standard Port With SSL On cPanel

Recently I needed to run a Ruby app on cPanel using a non-standard Apache port (i.e. http://mydomain.com:6000) but wanted to send live traffic to a subdomain with SSL (i.e. https://sub.mydomain.com).

After some research along with some trial and error I discovered a method that worked easily, therefore I wanted to share it to hopefully save you the time I spent on it!

Open The Custom Port In Firewall

To get started, you want to first verify that the port is open in your firewall, and you’re able to load it in your web browser (i.e. http://mydomain.com:6000 loads).

If you’re using a VPS or Cloud Dedicated from NameHero, we include ConfigServer Security & Firewall (CSF) in our images by default, so you’d want to open the port there:

Please note: This tutorial will not work on our Web Hosting or Reseller Hosting packages as it requires full root access.

Login to Web Host Manager as root user and click on ConfigServer Security & Firewall:

Click on Firewall Configuration:

Scroll down to TCP_IN and TCP_OUT and add your custom port (i.e. 6000):

Click change and restart the CSF service.

Install Mod Proxy In Easy Apache 4

To make this work, we need use Apache’s Mod Proxy to route the subdomain to the custom port. With cPanel’s Easy Apache 4, this can easily be installed, if it’s not already:

If you don’t see the green “Installed”, simply toggle the button and recompile Apache with it.

Setup Your SubDomain With SSL

In order to point the custom port to a subdomain with SSL, you’ll need to make sure it’s setup with an active SSL certificate.

Thankfully using cPanel’s Auto SSL module, this is 100% free as long as it’s enabled in Web Host Manager:

With this verified, you can create the subdomain in cPanel or Web Host Manager.

In my case, my root domain is hosted on a different server, therefore I’m going to create a cPanel account for the subdomain and point my A record using Cloudflare:

Once created, you may need to go back to Auto SSL in Web Host Manager and manually run the module to generate the SSL, or give it a few hours for the automation.

When you’re able to access your subdomain in your browser with SSL, you’ll ready to proceed (i.e. https://sub.domain.com).

Modify Apache Configuration

Finally, we need to modify Apache’s configuration file, so it knows how to properly route the subdomain to the custom port.

When you’re doing this with cPanel/WHM, it’s important to use their include files so an upgrade doesn’t remove your customization and you don’t break native configuration.

This can easily be done inside of Web Host Manager -> Apache Configuration -> Include Editor:

From here, you’re going to want to modify the Pre VirtualHost Include file with the following:

<VirtualHost *:80>
 ServerName sub.mydomain.com

ProxyRequests Off
<Proxy *>
    Order deny,allow
    Allow from all
</Proxy>

ProxyPass / http://mydomain.com:6000/
ProxyPassReverse / http://mydomain.com:6000/
<Location />
    Order allow,deny
    Allow from all
</Location>
</VirtualHost>

It should look something like this:

If you format this incorrectly, you may receive an error that it will not save, so that would need to be resolved before proceeding. cPanel has a ton of Documentation on this, which maybe beneficial.

Finally, you should run the following commands via SSH as root:

[[email protected] ~]# /scripts/rebuildhttpdconf

[[email protected] ~]# service httpd restart

As long as you followed the above instructions and completed them without errors, you should now be able to load your subdomain via SSL that points to your custom port (i.e. https://sub.mydomain.com). Please note you may need to flush your local DNS cache if the subdomain existed previously.

Please note: As a disclaimer, this is not an official cPanel method therefore we are unable to provide support for it. This should be used with full warning that you acknowledge the risks involved.

Feel free to let me know if you have any questions, I’ll try my very best to help!