when i reboot my server, ssl is not working anymore

coffeemug · Jan 30, 2020

During some months my ISPConfig server worked right. The day before yesterday I made an update to the new ISPConfig and it was still running. Yesterday i rebooted my server for first time and the apache did not start anymore.

I fixed the problems related to the apache server (the name of the sever doesn't match the CN in the certificate), but after that, when finally the apache started, the iPSConfig is generating following message:

1. Possible attack detected. This action has been logged.

Please help me with some tips or documentation to follow.

thanks

till · Jan 30, 2020

Try using your web browser in anonymous mode to test if you are able to log into ispconfig then. If this works, then your browser must send a cookie which does not belong to ispconfig which triggers the security alert.

coffeemug · Jan 30, 2020

till said: ↑

Try using your web browser in anonymous mode to test if you are able to log into ispconfig then. If this works, then your browser must send a cookie which does not belong to ispconfig which triggers the security alert.
Click to expand...

That had been the reason!!! Thanks a lot!!

coffeemug · Jan 31, 2020

Now the connection is always insecure. #I.am.lost

##### SERVER #####
IP-address (as per hostname): ***.***.***.***
[WARN] could not determine server's ip address by ifconfig
[INFO] OS version is Debian GNU/Linux 10 (buster)

[INFO] ISPConfig is installed.

##### ISPCONFIG #####
ISPConfig version is 3.1.15p2

##### VERSION CHECK #####

[INFO] php (cli) version is 7.0.33-0+deb9u6

##### PORT CHECK #####

##### MAIL SERVER CHECK #####

##### RUNNING SERVER PROCESSES #####

##### RUNNING SERVER PROCESSES #####

[INFO] I found the following web server(s):
Apache 2 (PID 5113)
[INFO] I found the following mail server(s):
Postfix (PID 1021)
[INFO] I found the following pop3 server(s):
Dovecot (PID 635)
[INFO] I found the following imap server(s):
Dovecot (PID 635)
[INFO] I found the following ftp server(s):
PureFTP (PID 1061)

##### LISTENING PORTS #####
(only ()
Local (Address)
[anywhere]:21 (1061/pure-ftpd)
***.***.***.***:53 (628/named)
[localhost]:53 (628/named)
[anywhere]:22 (629/sshd)
[anywhere]:25 (1021/master)
[localhost]:953 (628/named)
[anywhere]:993 (635/dovecot)
[anywhere]:995 (635/dovecot)
[anywhere]:8069 (28214/python3)
[localhost]:10023 (496/postgrey)
[localhost]:10024 (1088/amavisd-new)
[localhost]:10025 (1021/master)
[localhost]:10026 (1088/amavisd-new)
[localhost]:10027 (1021/master)
[anywhere]:587 (1021/master)
[localhost]:11211 (589/memcached)
[anywhere]:110 (635/dovecot)
[anywhere]:143 (635/dovecot)
[anywhere]:465 (1021/master)
*:*:*:*::*:21 (1061/pure-ftpd)
*:*:*:*::*:53 (628/named)
*:*:*:*::*:22 (629/sshd)
*:*:*:*::*:25 (1021/master)
*:*:*:*::*:953 (628/named)
*:*:*:*::*:443 (5113/apache2)
*:*:*:*::*:993 (635/dovecot)
*:*:*:*::*:995 (635/dovecot)
*:*:*:*::*:10023 (496/postgrey)
*:*:*:*::*:10024 (1088/amavisd-new)
*:*:*:*::*:10026 (1088/amavisd-new)
*:*:*:*::*:3306 (708/mysqld)
*:*:*:*::*:587 (1021/master)
[localhost]10 (635/dovecot)
[localhost]43 (635/dovecot)
*:*:*:*::*:80 (5113/apache2)
*:*:*:*::*:8080 (5113/apache2)
*:*:*:*::*:465 (1021/master)
*:*:*:*::*:8081 (5113/apache2)

##### IPTABLES #####
Chain INPUT (policy ACCEPT)
target prot opt source destination
f2b-postfix-sasl tcp -- [anywhere]/0 [anywhere]/0 multiport dports 25
f2b-sshd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 22

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain f2b-sshd (1 references)

...skipping 1 line
REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable
REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable
REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable
REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable
RETURN all -- [anywhere]/0 [anywhere]/0

Chain f2b-postfix-sasl (1 references)
target prot opt source destination
RETURN all -- [anywhere]/0 [anywhere]/0
Click to expand...

till · Jan 31, 2020

I need a bit more info The connection to what is insecure, ispconfig Interface, a website on your server, email, ...?

coffeemug · Jan 31, 2020

server1.mydomain.com is suddenly with an invalid ssl (instead of server1. my... it is server.my... in the ssl-certificate)
ssl from letsencypt for mydomain.com is working fine, all other webpages and emails are working great as well.
I installed odoo, which is working with python3 and postgres. I would like to put it on erp.mydomain.com

Log in or Sign up

when i reboot my server, ssl is not working anymore

coffeemug New Member

till Super Moderator Staff Member ISPConfig Developer

coffeemug New Member

coffeemug New Member

till Super Moderator Staff Member ISPConfig Developer

coffeemug New Member

Share This Page

Log in or Sign up

when i reboot my server, ssl is not working anymore

coffeemug New Member

till Super Moderator Staff Member ISPConfig Developer

coffeemug New Member

coffeemug New Member

till Super Moderator Staff Member ISPConfig Developer

coffeemug New Member

Share This Page

Useful Searches