500 Server error after enabling website redirect

I was having an issue with one of my webpages displaying an error when visiting http:// - https:// displayed normally.
Following instructions in another post, I added the following to the apache directives for the website:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https:// %{HTTP_HOST}%{REQUEST_URI}

The website now auto redirects to https:// and displays properly - however, as is usually the case, fixing one thing breaks something else

I am now unable to access ISPConfig3 -
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.

I'm not sure why adjusting a domain directive has now crippled the server, however I am unable to reverse the change as I can no longer access the control panel.

 

Is web server running? Maybe your change prevents it from running.
Start with https://www.howtoforge.com/community/threads/please-read-before-posting.58408/
to get some info on what is going on.

 

The server is running, as all websites are still active and accessible. Only ISPConfig is the issue
Here are the results of the test script

Code:

##### SERVER #####
IP-address (as per hostname): [localhost]
[WARN] could not determine server's ip address by ifconfig
[INFO] OS version is Ubuntu 20.04.4 LTS

[INFO] uptime:  18:34:19 up 1 day,  1:39,  1 user,  load average: 0.00, 0.01, 0.05

[INFO] memory:
              total        used        free      shared  buff/cache   available
Mem:          6.0Gi       1.8Gi       3.1Gi        61Mi       1.2Gi       4.2Gi
Swap:            0B          0B          0B

[INFO] ISPConfig is installed.
[WARN] /usr/local/ispconfig/server/lib/config.inc.php is missing.

##### VERSION CHECK #####

[INFO] php (cli) version is 7.4.3
[INFO] php-cgi (used for cgi php in default vhost!) is version 7.4.3

##### PORT CHECK #####

[WARN] Port 465 (SMTP server SSL) seems NOT to be listening
[WARN] Port 22 (SSH server) seems NOT to be listening

##### MAIL SERVER CHECK #####

[WARN] I found no "submission" entry in your postfix master.cf
[INFO] this is not critical, but if you want to offer port 587 for smtp connections you have to enable this.
[WARN] I found no "smtps" entry in your postfix master.cf
[INFO] this is not critical, but if you want to offer SSL for smtp (not TLS) connections you have to enable this.

##### RUNNING SERVER PROCESSES #####

[WARN] I could not determine which web server is running.
[WARN] I could not determine which mail server is running.
[WARN] I could not determine which pop3 server is running.
[WARN] I could not determine which imap server is running.
[WARN] I could not determine which ftp server is running.

##### LISTENING PORTS #####
(only           ()
Local           (Address)
[anywhere]:993          (-)
[anywhere]:995          (-)
[localhost]:10023               (-)
[localhost]:10024               (-)
[localhost]:10025               (-)
[localhost]:10026               (-)
[localhost]:10027               (-)
[localhost]:11211               (-)
[anywhere]:1932         (-)
[anywhere]:110          (-)
[anywhere]:143          (-)
***.***.***.***:53              (-)
[anywhere]:21           (-)
***.***.***.***:53              (-)
[localhost]:53          (-)
[anywhere]:25           (-)
[localhost]:953         (-)
*:*:*:*::*:993          (-)
*:*:*:*::*:995          (-)
*:*:*:*::*:10023                (-)
*:*:*:*::*:10024                (-)
*:*:*:*::*:10026                (-)
*:*:*:*::*:3306         (-)
[localhost]932          (-)
[localhost]10           (-)
[localhost]43           (-)
*:*:*:*::*:8080         (-)
*:*:*:*::*:80           (-)
*:*:*:*::*:8081         (-)
*:*:*:*::*:21           (-)
*:*:*:*::*7859:23ff:feb3:53             (-)
*:*:*:*::*:53           (-)
*:*:*:*::*:25           (-)
*:*:*:*::*:953          (-)
*:*:*:*::*:443          (-)




##### IPTABLES #####




##### LET'S ENCRYPT #####
Certbot is installed in /usr/bin/letsencrypt

 

Is this a system you just now installed? Did you use ISPConfig autoinstaller? If not, which manual installation guide?
There does seem something wrong with web server:

Code:

[WARN] I could not determine which web server is running.

And this:

Code:

[INFO] ISPConfig is installed.
[WARN] /usr/local/ispconfig/server/lib/config.inc.php is missing.

Something has gone wrong. Can you restore that file from backups? Can you examine why that file might have gone missing?

 

It was just recently set up, following the HowToForge Perfect Server Guide. I haven't yet created backups as I was just finishing. Everything was fine, I have 3 websites with Wordpress installed. One of the websites was displaying an error page when visiting http:// , so I added the Rewrite in apache directives for that website - that website now automatically redirects to https:// as intended. Upon activation of the Rewrite, ISPConfig began displaying the 500 Error. That is the only change that was made.

 

I ran it as sudo, my mistake. Log file attached.

Code:

[Tue Mar 08 16:00:59.378481 2022] [:notice] [pid 313] mod_python: Creating 8 session mutexes based on 150 max processes and 0 max threads.
[Tue Mar 08 16:00:59.378488 2022] [:notice] [pid 313] mod_python: using mutex_directory /tmp
[Tue Mar 08 16:00:59.605669 2022] [mpm_prefork:notice] [pid 313] AH00163: Apache/2.4.41 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1f mod_python/3.3.1 Python/2.7.18 mod_perl/2.0.11 Perl/v5.30.0 configured -- resuming normal operations
[Tue Mar 08 16:00:59.605707 2022] [core:notice] [pid 313] AH00094: Command line: '/usr/sbin/apache2'
[Tue Mar 08 16:05:42.656998 2022] [mpm_prefork:notice] [pid 313] AH00171: Graceful restart requested, doing restart
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using server1.p*******s.ca. Set the 'ServerName' directive globally to suppress this message
[Tue Mar 08 16:05:42.830909 2022] [:error] [pid 313] python_init: Python version mismatch, expected '2.7.17', found '2.7.18'.
[Tue Mar 08 16:05:42.831017 2022] [:error] [pid 313] python_init: Python executable found '/usr/bin/python'.
[Tue Mar 08 16:05:42.831024 2022] [:error] [pid 313] python_init: Python path being used '/usr/lib/python2.7:/usr/lib/python2.7/plat-x86_64-linux-gnu:/usr/lib/python2.7/lib-tk:/usr/lib/python2.7/lib-old:/usr/lib/python2.7/lib-dynload'.
[Tue Mar 08 16:05:42.831055 2022] [:notice] [pid 313] mod_python: Creating 8 session mutexes based on 150 max processes and 0 max threads.
[Tue Mar 08 16:05:42.831065 2022] [:notice] [pid 313] mod_python: using mutex_directory /tmp

 

Alright, I was able to get this from the apache error log

Code:

suexec policy violation: see suexec log for more details
suexec policy violation: see suexec log for more details
suexec policy violation: see suexec log for more details
suexec policy violation: see suexec log for more details
suexec policy violation: see suexec log for more details
[Wed Mar 09 17:23:02.550547 2022] [mpm_prefork:notice] [pid 128514] AH00169: caught SIGTERM, shutting down
[Wed Mar 09 17:23:03.099906 2022] [ssl:warn] [pid 168047] AH01906: server1.p******s.ca:8080:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Mar 09 17:23:03.100245 2022] [ssl:error] [pid 168047] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: CN=server1.p******s.ca,O=P*******T>
[Wed Mar 09 17:23:03.100260 2022] [ssl:error] [pid 168047] AH02604: Unable to configure certificate server1.p******s.ca:8080:0 for stapling
[Wed Mar 09 17:23:03.100607 2022] [ssl:warn] [pid 168047] AH01906: server1.p******s.ca:8081:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Mar 09 17:23:03.100878 2022] [ssl:error] [pid 168047] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: CN=server1.p******s.ca,O=P*******T>
[Wed Mar 09 17:23:03.100891 2022] [ssl:error] [pid 168047] AH02604: Unable to configure certificate server1.p******s.ca:8081:0 for stapling
[Wed Mar 09 17:23:03.100951 2022] [suexec:notice] [pid 168047] AH01232: suEXEC mechanism enabled (wrapper: /usr/lib/apache2/suexec)
[Wed Mar 09 17:23:03.276952 2022] [ssl:warn] [pid 168049] AH01906: server1.p******s.ca:8080:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Mar 09 17:23:03.277097 2022] [ssl:error] [pid 168049] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: CN=server1.p******s.ca,O=P*****T>
[Wed Mar 09 17:23:03.277108 2022] [ssl:error] [pid 168049] AH02604: Unable to configure certificate server1.p******s.ca:8080:0 for stapling

[Wed Mar 09 17:23:35.665189 2022] [core:error] [pid 168062] [client 96.51.224.72:51214] End of script output before headers: index.php
suexec policy violation: see suexec log for more details
[Wed Mar 09 17:23:48.137421 2022] [fcgid:warn] [pid 168053] (104)Connection reset by peer: [client 96.51.224.72:51218] mod_fcgid: error reading data from FastCGI server
[Wed Mar 09 17:23:48.137458 2022] [core:error] [pid 168053] [client 96.51.224.72:51218] End of script output before headers: index.php
suexec policy violation: see suexec log for more details
[Wed Mar 09 17:24:15.721071 2022] [fcgid:warn] [pid 168089] (104)Connection reset by peer: [client 96.51.224.72:51232] mod_fcgid: error reading data from FastCGI server
[Wed Mar 09 17:24:15.721145 2022] [core:error] [pid 168089] [client 96.51.224.72:51232] End of script output before headers: index.php
suexec policy violation: see suexec log for more details
[Wed Mar 09 17:24:57.476689 2022] [fcgid:warn] [pid 168091] (104)Connection reset by peer: [client 96.51.224.72:52377] mod_fcgid: error reading data from FastCGI server
[Wed Mar 09 17:24:57.476766 2022] [core:error] [pid 168091] [client 96.51.224.72:52377] End of script output before headers: index.php
[Wed Mar 09 17:23:03.827487 2022] [fcgid:warn] [pid 168053] (104)Connection reset by peer: [client 96.51.224.72:51202] mod_fcgid: error reading data from FastCGI server, referer: https>
[Wed Mar 09 17:23:03.827576 2022] [core:error] [pid 168053] [client 96.51.224.72:51202] End of script output before headers: datalogstatus.php, referer: https://server1.p******s>
suexec policy violation: see suexec log for more details
[Wed Mar 09 17:23:24.761006 2022] [fcgid:warn] [pid 168054] (104)Connection reset by peer: [client 96.51.224.72:51204] mod_fcgid: error reading data from FastCGI server, referer: https>
[Wed Mar 09 17:23:24.761085 2022] [core:error] [pid 168054] [client 96.51.224.72:51204] End of script output before headers: web_vhost_domain_edit.php, referer: https://server1.p*****>
suexec policy violation: see suexec log for more details
[Wed Mar 09 17:23:28.005851 2022] [fcgid:warn] [pid 168062] (104)Connection reset by peer: [client 96.51.224.72:51206] mod_fcgid: error reading data from FastCGI server, referer: https>
[Wed Mar 09 17:23:28.005946 2022] [core:error] [pid 168062] [client 96.51.224.72:51206] End of script output before headers: web_vhost_domain_edit.php, referer: https://server1.p*****>
suexec policy violation: see suexec log for more details
[Wed Mar 09 17:23:29.890544 2022] [fcgid:warn] [pid 168056] (104)Connection reset by peer: [client 96.51.224.72:51208] mod_fcgid: error reading data from FastCGI server, referer: https>
[Wed Mar 09 17:23:29.890595 2022] [core:error] [pid 168056] [client 96.51.224.72:51208] End of script output before headers: web_vhost_domain_edit.php, referer: https://server1.p*****>
suexec policy violation: see suexec log for more details

and this from the suexec log

Code:

[2022-03-10 02:01:50]: uid: (5006/web3) gid: (5007/client3) cmd: .php-fcgi-starter
[2022-03-10 02:01:50]: target uid/gid (5006/5007) mismatch with directory (33/33) or program (5006/5007)
[2022-03-10 03:41:04]: uid: (5006/web3) gid: (5007/client3) cmd: .php-fcgi-starter
[2022-03-10 03:41:04]: target uid/gid (5006/5007) mismatch with directory (33/33) or program (5006/5007)
[2022-03-10 05:33:29]: uid: (5006/web3) gid: (5007/client3) cmd: .php-fcgi-starter
[2022-03-10 05:33:29]: target uid/gid (5006/5007) mismatch with directory (33/33) or program (5006/5007)
[2022-03-10 05:33:29]: uid: (5006/web3) gid: (5007/client3) cmd: .php-fcgi-starter
[2022-03-10 05:33:29]: target uid/gid (5006/5007) mismatch with directory (33/33) or program (5006/5007)
[2022-03-10 05:33:29]: uid: (5006/web3) gid: (5007/client3) cmd: .php-fcgi-starter
[2022-03-10 05:33:29]: target uid/gid (5006/5007) mismatch with directory (33/33) or program (5006/5007)
[2022-03-10 06:35:44]: uid: (5006/web3) gid: (5007/client3) cmd: .php-fcgi-starter
[2022-03-10 06:35:44]: target uid/gid (5006/5007) mismatch with directory (33/33) or program (5006/5007)
[2022-03-10 15:16:32]: uid: (5006/web3) gid: (5007/client3) cmd: .php-fcgi-starter
[2022-03-10 15:16:32]: target uid/gid (5006/5007) mismatch with directory (33/33) or program (5006/5007)
[2022-03-10 16:27:58]: uid: (5006/web3) gid: (5007/client3) cmd: .php-fcgi-starter
[2022-03-10 16:27:58]: target uid/gid (5006/5007) mismatch with directory (33/33) or program (5006/5007)
[2022-03-10 16:38:20]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
[2022-03-10 16:38:20]: target uid/gid (5003/5004) mismatch with directory (33/33) or program (5003/5004)

Just prior to this, I added the ISPConfig client user to the www-data group, to allow Wordpress to install themes/plugins

 

Code:

total 112
drwxr-x--- 19 ispconfig ispconfig 4096 Mar  8 16:11 .
drwxr-x---  9 ispconfig ispconfig 4096 Mar  8 16:11 ..
drwxr-x---  6 ispconfig ispconfig 4096 Mar  8 16:11 admin
-rwxr-x---  1 ispconfig ispconfig 3212 Mar  8 16:11 capp.php
drwxr-x---  6 ispconfig ispconfig 4096 Mar  8 16:11 client
-rwxr-x---  1 ispconfig ispconfig 2970 Mar  8 16:11 content.php
drwxr-x---  7 ispconfig ispconfig 4096 Mar  8 16:11 dashboard
-rwxr-x---  1 ispconfig ispconfig 1901 Mar  8 16:11 datalogstatus.php
drwxr-x---  6 ispconfig ispconfig 4096 Mar  8 16:11 dns
-rwxr-x---  1 ispconfig ispconfig    0 Mar  8 16:11 dummy_login.html
drwxr-x---  6 ispconfig ispconfig 4096 Mar  8 16:11 help
-rwxr-x---  1 ispconfig ispconfig 4533 Mar  8 16:11 index.php
drwxr-x---  6 ispconfig ispconfig 4096 Mar  8 16:11 js
-rwxr-x---  1 ispconfig ispconfig 1649 Mar  8 16:11 keepalive.php
drwxr-x---  4 ispconfig ispconfig 4096 Mar  8 16:11 login
drwxr-x---  6 ispconfig ispconfig 4096 Mar  8 16:11 mail
drwxr-x---  6 ispconfig ispconfig 4096 Mar  8 16:11 mailuser
drwxr-x---  6 ispconfig ispconfig 4096 Mar  8 16:11 monitor
-rwxr-x---  1 ispconfig ispconfig 5177 Mar  8 16:11 nav.php
drwxr-x---  2 ispconfig ispconfig 4096 Mar  8 16:11 remote
-rwxr-x---  1 ispconfig ispconfig   26 Mar  8 16:11 robots.txt
drwxr-x---  7 ispconfig ispconfig 4096 Mar  8 16:11 sites
drwxr-x---  3 ispconfig ispconfig 4096 Mar  8 16:11 strengthmeter
drwxrwx---  2 ispconfig ispconfig 4096 Mar  8 16:11 temp
drwxr-x---  3 ispconfig ispconfig 4096 Mar  8 16:11 themes
drwxr-x---  6 ispconfig ispconfig 4096 Mar  8 16:11 tools
drwxr-x---  6 ispconfig ispconfig 4096 Mar  8 16:11 vm

suexec was checked in ISPconfig, and PHP mode was not mod_php, as per another post in this forum I referred to. i was still prompted for FTD credentials.

Code:

petersen@server1:~$ groups www-data
www-data : www-data ispapps ispconfig client1 client2 client3
petersen@server1:~$ groups petersen22 petersen33 petersen1
petersen22 : client2 www-data
petersen33 : client3 www-data
petersen1 : client1 www-data
petersen@server1:~$ sudo deluser petersen22 www-data
/usr/sbin/deluser: The user `petersen22' is not a member of group `www-data'.

 

This has caused more problems, as now the server will not start

Code:

Job for apache2.service failed because the control process exited with error code.
See "systemctl status apache2.service" and "journalctl -xe" for details.
Update finished.
petersen@server1:~$ sudo systemctl status apache2.service
● apache2.service - The Apache HTTP Server
     Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Thu 2022-03-10 19:22:31 UTC; 20s ago
       Docs: https://httpd.apache.org/docs/2.4/
    Process: 3511 ExecStart=/usr/sbin/apachectl start (code=exited, status=1/FAILURE)

Mar 10 19:22:31 server1.p******s.ca systemd[1]: Starting The Apache HTTP Server...
Mar 10 19:22:31 server1.p******s.ca apachectl[3515]: AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/a>
Mar 10 19:22:31 server1.p******s.ca apachectl[3515]: AH00526: Syntax error on line 127 of /etc/apache2/sites-enabled/900-p******s.c>
Mar 10 19:22:31 server1.p******s.ca apachectl[3515]: RewriteRule: bad flag delimiters
Mar 10 19:22:31 server1.p******s.ca systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE
Mar 10 19:22:31 server1.p******s.ca apachectl[3511]: Action 'start' failed.
Mar 10 19:22:31 server1.p******s.ca apachectl[3511]: The Apache error log may have more information.
Mar 10 19:22:31 server1.p******s.ca systemd[1]: apache2.service: Failed with result 'exit-code'.
Mar 10 19:22:31 server1.p******s.ca systemd[1]: Failed to start The Apache HTTP Server.

Honestly at this point, I think it's probably easiest to just wipe everything and start over.

 

If you have nothing important on that server, starting over may be the easy and rapid fix.

ISPConfig has in website Redirect tab item "Rewrite HTTP to HTTPS". Tick that on instead of adjusting domain directives.

 

Update:
I have reinstalled, everything is working as it should. I believe the source of my problems was in my haste I neglected to adjust the wordpress file permissions - Overlooking this, my misguided attempts to provide access caused further issues.

I will also note, unrelated to my concerns, while not mentioned in the Perfect Server guide, I was required to run

Code:

apt-get install update-inetd

as a prerequisite for pure-ftpd