Hello, I just installed ispconfig 3.1.15p3 on ubuntu 18.04, everytime I create a new website it adds /login in front of the web page when accessing it, like test.com/login and shows the ispconfig logo like the admin page cannot find the reason any idea? Thanks
Maybe you entered port 80 or 443 instead of port 8080 during ISPConfig installation as port for the ISPConfig interface?
I don't remember doing that. I can access ispconfig admin with port 8080, and ispconfig.vhost is configured with port 8080
Ok, very strange. Did you add any global aliases in the web server or any other manual edits in the web servers config files?
I installed a certificate in ispconfig.vhost: SSLCertificateFile /usr/local/ispconfig/interface/ssl/server2.crt # SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/server2.key #SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle SSLCACertificateFile /usr/local/ispconfig/interface/ssl/gd_bundle.crt And I edit /usr/share/phpmyadmin/libraries/sql.lib.php, to solve the phpmyadmin problem ((empty($analyzed_sql_results['select_expr'])) || (count($analyzed_sql_results['select_expr']) == 1) && ($analyzed_sql_results['select_expr'][0] == '*'))
# cat ispconfig.vhost ###################################################### # This virtual host contains the configuration # for the ISPConfig controlpanel ###################################################### Listen 8080 NameVirtualHost *:8080 <VirtualHost _default_:8080> ServerAdmin webmaster@localhost <Directory /var/www/ispconfig/> <FilesMatch "\.ph(p3?|tml)$"> SetHandler None </FilesMatch> </Directory> <Directory /usr/local/ispconfig/interface/web/> <FilesMatch "\.ph(p3?|tml)$"> SetHandler None </FilesMatch> </Directory> <IfModule mod_fcgid.c> DocumentRoot /var/www/ispconfig/ SuexecUserGroup ispconfig ispconfig <Directory /var/www/ispconfig/> Options -Indexes +FollowSymLinks +MultiViews +ExecCGI AllowOverride AuthConfig Indexes Limit Options FileInfo <FilesMatch "\.php$"> SetHandler fcgid-script </FilesMatch> FCGIWrapper /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter .php Require all granted </Directory> IPCCommTimeout 7200 MaxRequestLen 15728640 </IfModule> <IfModule mpm_itk_module> DocumentRoot /usr/local/ispconfig/interface/web/ AssignUserId ispconfig ispconfig AddType application/x-httpd-php .php <Directory /usr/local/ispconfig/interface/web> # php_admin_value open_basedir "/usr/local/ispconfig/interface:/usr/share:/tmp" Options +FollowSymLinks AllowOverride None Require all granted php_value magic_quotes_gpc 0 </Directory> </IfModule> # ErrorLog /var/log/apache2/error.log # CustomLog /var/log/apache2/access.log combined ServerSignature Off <IfModule mod_security2.c> SecRuleEngine Off </IfModule> # SSL Configuration SSLEngine On SSLProtocol All -SSLv3 # SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt SSLCertificateFile /usr/local/ispconfig/interface/ssl/server2.crt # SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/server2.key #SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle SSLCACertificateFile /usr/local/ispconfig/interface/ssl/gd_bundle.crt SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384HE-RSA-AES128-GCM-SHA256HE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHAHE-RSA-AES128-SHA256HE-RSA-AES128-SHAHE-RSA-AES256-SHA256HE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHAES-CBC3-SHA:!DSS SSLHonorCipherOrder On <IfModule mod_headers.c> # ISPConfig 3.1 currently requires unsafe-line for both scripts and styles, as well as unsafe-eval Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests" Header set X-Content-Type-Options: nosniff Header set X-Frame-Options: SAMEORIGIN Header set X-XSS-Protection: "1; mode=block" Header always edit Set-Cookie (.*) "$1; HTTPOnly; Secure" <IfVersion >= 2.4.7> Header setifempty Strict-Transport-Security "max-age=15768000" </IfVersion> <IfVersion < 2.4.7> Header set Strict-Transport-Security "max-age=15768000" </IfVersion> RequestHeader unset Proxy early </IfModule> SSLUseStapling On SSLStaplingResponderTimeout 5 SSLStaplingReturnResponderErrors Off </VirtualHost> <IfModule mod_ssl.c> SSLStaplingCache shmcb:/var/run/ocsp(128000) </IfModule> <Directory /var/www/php-cgi-scripts> AllowOverride None Require all denied </Directory> <Directory /var/www/php-fcgi-scripts> AllowOverride None Require all denied </Directory> # cat ispconfig.conf ################################################ # ISPConfig Logfile configuration for vlogger ################################################ SetEnvIf Request_URI "^/datalogstatus.php$" dontlog LogFormat "%v %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig env=!dontlog <Directory /var/www/clients> AllowOverride None Require all denied </Directory> # Do not allow access to the root file system of the server for security reasons <Directory /> Options -Indexes AllowOverride None Require all denied </Directory> <Directory /var/www/conf> AllowOverride None Require all denied </Directory> # Except of the following directories that contain website scripts <Directory /usr/share/phpmyadmin> Require all granted </Directory> <Directory /usr/share/phpMyAdmin> Require all granted </Directory> <Directory /srv/www/htdocs> Require all granted </Directory> <Directory /usr/share/squirrelmail> Require all granted </Directory> # Allow access to mailman on OpenSuSE <Directory /usr/lib/mailman/cgi-bin> Require all granted </Directory> <Directory /usr/lib/mailman/icons> Require all granted </Directory> <Directory /var/lib/mailman/archives/> Options +FollowSymLinks Require all granted </Directory> # allow path to awstats and alias for awstats icons <Directory /usr/share/awstats> Require all granted </Directory> Alias /awstats-icon "/usr/share/awstats/icon" Alias /.well-known/acme-challenge /usr/local/ispconfig/interface/acme/.well-known/acme-challenge <Directory /usr/local/ispconfig/interface/acme/.well-known/acme-challenge> Require all granted <IfModule mpm_itk_module> AssignUserId www-data www-data </IfModule> </Directory> NameVirtualHost *:80 NameVirtualHost *:443 NameVirtualHost 192.168.133.1:80 NameVirtualHost 192.168.133.1:443
one more thing, I installed several php versions following this : https://www.goover.de/article/8-installing-several-php-versions-with-ispconfig3-and-ubuntu-18-04/
The ispconfig vhost looks fine, but you should not have edited it as your changes will get removed automatically. Instead of editing the file, just replace the content of the SSL files. I'll recommend to change that now, otherwise your system will become inaccessible on next update. But this does not explain the issue, beside of the wrong SSL paths, the file looks ok.
I don't think so. What you might try is this: grep -r login /etc/apache2 to find all apache config files that contain the word login, maybe this helps us to narrow down why this happens. And one other thing, did you try another browser or your browser in anon mode, maybe it's just some kind of cached redirect.
# grep -r login /etc/apache2 # Returns nothing I just clean the browser cache and change to a private windows. And still the same login page
~# apachectl -S AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-ispconfig.conf:73 VirtualHost configuration: *:8081 alfa.techsul.pt (/etc/apache2/sites-enabled/000-apps.vhost:9) *:8080 alfa.techsul.pt (/etc/apache2/sites-enabled/000-ispconfig.vhost:9) *:443 techsul.pt (/etc/apache2/sites-enabled/100-techsul.pt.vhost:120) *:80 is a NameVirtualHost default server alfa.techsul.pt (/etc/apache2/sites-enabled/000-default.conf:1) port 80 namevhost alfa.techsul.pt (/etc/apache2/sites-enabled/000-default.conf:1) port 80 namevhost techsul.pt (/etc/apache2/sites-enabled/100-techsul.pt.vhost:7) alias www.techsul.pt alias www.techsul.com alias techsul.com port 80 namevhost teste.pt (/etc/apache2/sites-enabled/100-teste.pt.vhost:7) alias www.teste.pt ServerRoot: "/etc/apache2" Main DocumentRoot: "/var/www/html" Main ErrorLog: "/var/log/apache2/error.log" Mutex default: dir="/var/run/apache2/" mechanism=default Mutex mpm-accept: using_defaults Mutex fcgid-pipe: using_defaults Mutex authdigest-opaque: using_defaults Mutex watchdog-callback: using_defaults Mutex rewrite-map: using_defaults Mutex ssl-stapling-refresh: using_defaults Mutex authdigest-client: using_defaults Mutex fcgid-proctbl: using_defaults Mutex ssl-stapling: using_defaults Mutex proxy: using_defaults Mutex ssl-cache: using_defaults PidFile: "/var/run/apache2/apache2.pid" Define: DUMP_VHOSTS Define: DUMP_RUN_CFG Define: ENABLE_USR_LIB_CGI_BIN User: name="www-data" id=33 Group: name="www-data" id=33
Trying to run some queries there, I note that techsul.pt answers with nginx, not apache, and not at all for teste.pt; perhaps that's just how your public->private forwarding is setup. What is the DocumentRoot in /etc/apache2/sites-enabled/000-default.conf? What all do you have under /var/www/html ?
Note, this is a closed environment, techsul.pt you can see is the actual site, not this one we are testing. To access this environment you need to include in your host file 148.69.123.106 www.teste.pt /etc/apache2/sites-enabled/000-default.conf DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf </VirtualHost>
I found the problem Was the reverse proxy of the firewall Sorry for your time I just scolded the firewall guy
