Problems with Apache2

Discussion in 'General' started by x-myrza, Oct 1, 2022.

  1. x-myrza

    x-myrza New Member

    Hello
    Problems with Apache. Sites from external ip addresses are not accessible. And from internal ip addresses everything works.
    LogApache2:
    Code:
    # tail -f /var/log/apache2/error.log
    [Sat Oct 01 13:55:08.015740 2022] [authz_core:error] [pid 13330] [client ::1:33470] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sat Oct 01 14:00:05.493930 2022] [authz_core:error] [pid 13327] [client ::1:33490] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sat Oct 01 14:05:03.607711 2022] [authz_core:error] [pid 29325] [client ::1:33512] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sat Oct 01 14:10:04.168037 2022] [authz_core:error] [pid 13326] [client ::1:33536] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sat Oct 01 14:15:05.301094 2022] [authz_core:error] [pid 13364] [client ::1:33590] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sat Oct 01 14:20:03.445446 2022] [authz_core:error] [pid 13379] [client ::1:33612] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sat Oct 01 14:25:03.645582 2022] [authz_core:error] [pid 13327] [client ::1:33668] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sat Oct 01 14:30:03.726113 2022] [authz_core:error] [pid 13328] [client ::1:33720] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sat Oct 01 14:35:03.742002 2022] [authz_core:error] [pid 13364] [client ::1:33752] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sat Oct 01 14:40:03.753714 2022] [authz_core:error] [pid 13327] [client ::1:33802] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    and
    Code:
    # grep -rnw /etc/ -e 'allow,deny'
    /etc/apache2/conf-available/localized-error-pages.conf:54:#                             Order allow,deny
    /etc/apache2/conf-available/php7.0-cgi.conf:32:#    Order allow,deny
    /etc/roundcube/apache.conf:15:    Order allow,deny
    /etc/roundcube/apache.conf:33:          Order allow,deny
    /etc/roundcube/apache.conf:45:          Order allow,deny
    /etc/apparmor.d/usr.lib.snapd.snap-confine:39:    /sys/fs/cgroup/devices/snap{,py}.*/devices.{allow,deny} w,
    and Apache conf:
    Code:
    ServerRoot "/etc/apache2"
    DefaultRuntimeDir ${APACHE_RUN_DIR}
    Timeout 300
    KeepAlive On
    MaxKeepAliveRequests 100
    KeepAliveTimeout 5
    User ${APACHE_RUN_USER}
    Group ${APACHE_RUN_GROUP}
    HostnameLookups Off
    ErrorLog ${APACHE_LOG_DIR}/error.log
    LogLevel warn
    # Include module configuration:
    IncludeOptional mods-enabled/*.load
    IncludeOptional mods-enabled/*.conf
    # Include list of ports to listen on
    Include ports.conf
    # access here, or in any related virtual host.
    <Directory />
            Options FollowSymLinks
            AllowOverride None
            Require all denied
    </Directory>
    <Directory /usr/share>
            AllowOverride None
            Require all granted
    </Directory>
    <Directory /var/www/>
            Options Indexes FollowSymLinks
            AllowOverride None
            Require all granted
    </Directory>
    #<Directory /srv/>
    #       Options Indexes FollowSymLinks
    #       AllowOverride None
    #       Require all granted
    #</Directory>
    AccessFileName .htaccess
    <FilesMatch "^\.ht">
            Require all denied
    </FilesMatch>
    # Include generic snippets of statements
    IncludeOptional conf-enabled/*.conf
    # Include the virtual host configurations:
    IncludeOptional sites-enabled/
    
    ISPConfig 3 on Debian 9.13 and Apache 2.7. Help, pls.
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    x-myrza likes this.
  3. x-myrza

    x-myrza New Member

    yes partially
    no, installed 8 months ago
    The Perfect Server - Debian 10 (Buster) with Apache, BIND, Dovecot, PureFTPD and ISPConfig 3.2
    Yes, a week ago everything worked. They didn't change anything. And now all sites work on the internal network from other computers. It does not load from external IP addresses, it takes a long time to load and a timeout error occurs on ports 80 and 443. And on port 8080 ispconfig 3 works from external IP addresses. Ufw and fail2ban temporarily disabled.
    Log IPTables:
    Code:
    iptables -S (ipv4)
    -P INPUT DROP
    -P FORWARD DROP
    -P OUTPUT ACCEPT
    -N f2b-dovecot
    -N f2b-postfix-sasl
    -N f2b-pure-ftpd
    -N f2b-sshd
    -N ufw-after-forward
    -N ufw-after-input
    -N ufw-after-logging-forward
    -N ufw-after-logging-input
    -N ufw-after-logging-output
    -N ufw-after-output
    -N ufw-before-forward
    -N ufw-before-input
    -N ufw-before-logging-forward
    -N ufw-before-logging-input
    -N ufw-before-logging-output
    -N ufw-before-output
    -N ufw-logging-allow
    -N ufw-logging-deny
    -N ufw-not-local
    -N ufw-reject-forward
    -N ufw-reject-input
    -N ufw-reject-output
    -N ufw-skip-to-policy-forward
    -N ufw-skip-to-policy-input
    -N ufw-skip-to-policy-output
    -N ufw-track-forward
    -N ufw-track-input
    -N ufw-track-output
    -N ufw-user-forward
    -N ufw-user-input
    -N ufw-user-limit
    -N ufw-user-limit-accept
    -N ufw-user-logging-forward
    -N ufw-user-logging-input
    -N ufw-user-logging-output
    -N ufw-user-output
    -A INPUT -p tcp -m multiport --dports 25 -j f2b-postfix-sasl
    -A INPUT -p tcp -m multiport --dports 110,995,143,993,587,465,4190 -j f2b-dovecot
    -A INPUT -p tcp -m multiport --dports 21 -j f2b-pure-ftpd
    -A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
    -A INPUT -p tcp -m multiport --dports 110,143,993,995 -j ACCEPT
    -A INPUT -p tcp -m multiport --dports 25,465,587 -j ACCEPT
    -A INPUT -p tcp -m multiport --dports 25 -j f2b-postfix-sasl
    -A INPUT -p tcp -m multiport --dports 110,995,143,993,587,465,4190 -j f2b-dovecot
    -A INPUT -p tcp -m multiport --dports 21 -j f2b-pure-ftpd
    -A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
    -A INPUT -j ufw-before-logging-input
    -A INPUT -j ufw-before-input
    -A INPUT -j ufw-after-input
    -A INPUT -j ufw-after-logging-input
    -A INPUT -j ufw-reject-input
    -A INPUT -j ufw-track-input
    -A FORWARD -j ufw-before-logging-forward
    -A FORWARD -j ufw-before-forward
    -A FORWARD -j ufw-after-forward
    -A FORWARD -j ufw-after-logging-forward
    -A FORWARD -j ufw-reject-forward
    -A FORWARD -j ufw-track-forward
    -A OUTPUT -j ufw-before-logging-output
    -A OUTPUT -j ufw-before-output
    -A OUTPUT -j ufw-after-output
    -A OUTPUT -j ufw-after-logging-output
    -A OUTPUT -j ufw-reject-output
    -A OUTPUT -j ufw-track-output
    -A f2b-dovecot -s 92.49.237.175/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-dovecot -j RETURN
    -A f2b-dovecot -j RETURN
    -A f2b-postfix-sasl -s 195.133.18.125/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-postfix-sasl -s 5.34.207.48/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-postfix-sasl -s 171.22.30.115/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-postfix-sasl -s 87.246.7.75/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-postfix-sasl -s 141.98.11.17/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-postfix-sasl -s 212.70.149.72/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-postfix-sasl -s 5.34.204.199/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-postfix-sasl -s 5.34.207.88/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-postfix-sasl -j RETURN
    -A f2b-postfix-sasl -j RETURN
    -A f2b-pure-ftpd -j RETURN
    -A f2b-pure-ftpd -j RETURN
    -A f2b-sshd -s 221.213.129.46/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 61.177.173.42/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 131.100.2.61/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 62.204.41.222/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 177.73.136.175/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 179.218.195.50/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 152.89.198.28/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 138.197.182.2/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 179.60.147.99/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 103.145.161.53/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 101.255.65.138/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 112.6.244.66/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 193.142.146.239/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 117.110.40.251/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 61.177.173.55/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 61.177.172.87/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 179.43.167.74/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 163.177.78.241/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 61.177.173.54/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 117.50.88.114/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 196.1.97.206/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 138.197.142.81/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 129.226.205.204/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 222.107.156.227/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 43.132.156.216/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 61.177.173.61/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 45.125.65.126/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 36.110.228.254/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 61.177.172.174/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 43.134.200.122/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 211.250.74.124/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 185.110.243.137/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 61.177.173.52/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 61.194.35.119/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 203.171.20.139/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 180.76.161.192/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 221.122.73.130/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 147.182.139.154/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 173.212.250.114/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 43.154.189.8/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 156.232.9.41/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -j RETURN
    -A f2b-sshd -j RETURN
    -A ufw-after-input -p udp -m udp --dport 137 -j ufw-skip-to-policy-input
    -A ufw-after-input -p udp -m udp --dport 138 -j ufw-skip-to-policy-input
    -A ufw-after-input -p tcp -m tcp --dport 139 -j ufw-skip-to-policy-input
    -A ufw-after-input -p tcp -m tcp --dport 445 -j ufw-skip-to-policy-input
    -A ufw-after-input -p udp -m udp --dport 67 -j ufw-skip-to-policy-input
    -A ufw-after-input -p udp -m udp --dport 68 -j ufw-skip-to-policy-input
    -A ufw-after-input -m addrtype --dst-type BROADCAST -j ufw-skip-to-policy-input
    -A ufw-after-logging-forward -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
    -A ufw-after-logging-input -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
    -A ufw-before-forward -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    -A ufw-before-forward -p icmp -m icmp --icmp-type 3 -j ACCEPT
    -A ufw-before-forward -p icmp -m icmp --icmp-type 4 -j ACCEPT
    -A ufw-before-forward -p icmp -m icmp --icmp-type 11 -j ACCEPT
    -A ufw-before-forward -p icmp -m icmp --icmp-type 12 -j ACCEPT
    -A ufw-before-forward -p icmp -m icmp --icmp-type 8 -j ACCEPT
    -A ufw-before-forward -j ufw-user-forward
    -A ufw-before-input -i lo -j ACCEPT
    -A ufw-before-input -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    -A ufw-before-input -m conntrack --ctstate INVALID -j ufw-logging-deny
    -A ufw-before-input -m conntrack --ctstate INVALID -j DROP
    -A ufw-before-input -p icmp -m icmp --icmp-type 3 -j ACCEPT
    -A ufw-before-input -p icmp -m icmp --icmp-type 4 -j ACCEPT
    -A ufw-before-input -p icmp -m icmp --icmp-type 11 -j ACCEPT
    -A ufw-before-input -p icmp -m icmp --icmp-type 12 -j ACCEPT
    -A ufw-before-input -p icmp -m icmp --icmp-type 8 -j ACCEPT
    -A ufw-before-input -p udp -m udp --sport 67 --dport 68 -j ACCEPT
    -A ufw-before-input -j ufw-not-local
    -A ufw-before-input -d 224.0.0.251/32 -p udp -m udp --dport 5353 -j ACCEPT
    -A ufw-before-input -d 239.255.255.250/32 -p udp -m udp --dport 1900 -j ACCEPT
    -A ufw-before-input -j ufw-user-input
    -A ufw-before-output -o lo -j ACCEPT
    -A ufw-before-output -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    -A ufw-before-output -j ufw-user-output
    -A ufw-logging-allow -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
    -A ufw-logging-deny -m conntrack --ctstate INVALID -m limit --limit 3/min --limit-burst 10 -j RETURN
    -A ufw-logging-deny -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
    -A ufw-not-local -m addrtype --dst-type LOCAL -j RETURN
    -A ufw-not-local -m addrtype --dst-type MULTICAST -j RETURN
    -A ufw-not-local -m addrtype --dst-type BROADCAST -j RETURN
    -A ufw-not-local -m limit --limit 3/min --limit-burst 10 -j ufw-logging-deny
    -A ufw-not-local -j DROP
    -A ufw-skip-to-policy-forward -j DROP
    -A ufw-skip-to-policy-input -j DROP
    -A ufw-skip-to-policy-output -j ACCEPT
    -A ufw-track-output -p tcp -m conntrack --ctstate NEW -j ACCEPT
    -A ufw-track-output -p udp -m conntrack --ctstate NEW -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 21 -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 22 -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 25 -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 53 -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 80 -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 110 -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 143 -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 443 -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 465 -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 587 -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 993 -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 995 -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 3306 -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 4190 -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 8080 -j ACCEPT
    -A ufw-user-input -p tcp -m tcp --dport 8081 -j ACCEPT
    -A ufw-user-input -p tcp -m multiport --dports 40110:40210 -j ACCEPT
    -A ufw-user-input -p udp -m udp --dport 53 -j ACCEPT
    -A ufw-user-limit -m limit --limit 3/min -j LOG --log-prefix "[UFW LIMIT BLOCK] "
    -A ufw-user-limit -j REJECT --reject-with icmp-port-unreachable
    -A ufw-user-limit-accept -j ACCEPT              
     
  4. x-myrza

    x-myrza New Member

    htf_report
    Code:
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Debian GNU/Linux 9.13 (stretch)
     
    [INFO] uptime:  23:24:40 up 1 day,  2:15,  1 user,  load average: 0,06, 0,05, 0,03
     
    [INFO] memory:
                  total        used        free      shared  buff/cache   available
    Mem:           3,8G        2,0G        419M         93M        1,4G        1,4G
    Swap:          4,0G         60M        3,9G
     
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.2.7p1
    ##### VERSION CHECK #####
    [INFO] php (cli) version is 7.0.33-0+deb9u12
    [INFO] php-cgi (used for cgi php in default vhost!) is version 7.0.33
    [WARN] Your php-cgi in ' . /usr/bin/php-cgi . ' seems to be outdated and might contain known exploits.
    ##### PORT CHECK #####
    [WARN] Port 8080 (ISPConfig) seems NOT to be listening
    ##### MAIL SERVER CHECK #####
    ##### RUNNING SERVER PROCESSES #####
    [INFO] I found the following web server(s):
        Apache 2 (PID 30431)
    [INFO] I found the following mail server(s):
        Postfix (PID 1636)
    [INFO] I found the following pop3 server(s):
        Dovecot (PID 1124)
    [INFO] I found the following imap server(s):
        Dovecot (PID 1124)
    [INFO] I found the following ftp server(s):
        PureFTP (PID 1661)
    
    ##### LISTENING PORTS #####
    (only        ()
    Local        (Address)
    [anywhere]:4190        (1124/dovecot)
    [anywhere]:993        (1124/dovecot)
    [anywhere]:995        (1124/dovecot)
    [localhost]:10023        (803/postgrey)
    [localhost]:10024        (31015/amavisd-new)
    [localhost]:10025        (1636/master)
    [localhost]:10026        (31015/amavisd-new)
    [localhost]:10027        (1636/master)
    [anywhere]:587        (1636/master)
    [localhost]:11211        (926/memcached)
    [anywhere]:110        (1124/dovecot)
    [anywhere]:143        (1124/dovecot)
    [anywhere]:465        (1636/master)
    [anywhere]:21        (1661/pure-ftpd)
    ***.***.***.***:53        (937/named)
    [localhost]:53        (937/named)
    [anywhere]:22        (991/sshd)
    [anywhere]:25        (1636/master)
    [localhost]:953        (937/named)
    *:*:*:*::*:8090        (30431/apache2)
    *:*:*:*::*:443        (30431/apache2)
    *:*:*:*::*:4190        (1124/dovecot)
    *:*:*:*::*:993        (1124/dovecot)
    *:*:*:*::*:995        (1124/dovecot)
    *:*:*:*::*:10023        (803/postgrey)
    *:*:*:*::*:10024        (31015/amavisd-new)
    *:*:*:*::*:10026        (31015/amavisd-new)
    *:*:*:*::*:3306        (1121/mysqld)
    *:*:*:*::*:587        (1636/master)
    [localhost]10        (1124/dovecot)
    [localhost]43        (1124/dovecot)
    *:*:*:*::*:80        (30431/apache2)
    *:*:*:*::*:465        (1636/master)
    *:*:*:*::*:8081        (30431/apache2)
    *:*:*:*::*:21        (1661/pure-ftpd)
    *:*:*:*::*:53        (937/named)
    *:*:*:*::*:22        (991/sshd)
    *:*:*:*::*:25        (1636/master)
    *:*:*:*::*:953        (937/named)
    
    
    
    
    ##### IPTABLES #####
    Chain INPUT (policy DROP)
    target     prot opt source               destination         
    f2b-postfix-sasl  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 25
    f2b-dovecot  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 110,995,143,993,587,465,4190
    f2b-pure-ftpd  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 21
    f2b-sshd   tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 22
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 110,143,993,995
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 25,465,587
    f2b-postfix-sasl  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 25
    f2b-dovecot  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 110,995,143,993,587,465,4190
    f2b-pure-ftpd  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 21
    f2b-sshd   tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 22
    ufw-before-logging-input  all  --  [anywhere]/0            [anywhere]/0           
    ufw-before-input  all  --  [anywhere]/0            [anywhere]/0           
    ufw-after-input  all  --  [anywhere]/0            [anywhere]/0           
    ufw-after-logging-input  all  --  [anywhere]/0            [anywhere]/0           
    ufw-reject-input  all  --  [anywhere]/0            [anywhere]/0           
    ufw-track-input  all  --  [anywhere]/0            [anywhere]/0           
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination         
    ufw-before-logging-forward  all  --  [anywhere]/0            [anywhere]/0           
    ufw-before-forward  all  --  [anywhere]/0            [anywhere]/0           
    ufw-after-forward  all  --  [anywhere]/0            [anywhere]/0           
    ufw-after-logging-forward  all  --  [anywhere]/0            [anywhere]/0           
    ufw-reject-forward  all  --  [anywhere]/0            [anywhere]/0           
    ufw-track-forward  all  --  [anywhere]/0            [anywhere]/0           
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination         
    ufw-before-logging-output  all  --  [anywhere]/0            [anywhere]/0           
    ufw-before-output  all  --  [anywhere]/0            [anywhere]/0           
    ufw-after-output  all  --  [anywhere]/0            [anywhere]/0           
    ufw-after-logging-output  all  --  [anywhere]/0            [anywhere]/0           
    ufw-reject-output  all  --  [anywhere]/0            [anywhere]/0           
    ufw-track-output  all  --  [anywhere]/0            [anywhere]/0           
    
    Chain f2b-dovecot (2 references)
    target     prot opt source               destination         
    REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachable
    RETURN     all  --  [anywhere]/0            [anywhere]/0           
    RETURN     all  --  [anywhere]/0            [anywhere]/0           
    
    Chain f2b-postfix-sasl (2 references)
    target     prot opt source               destination         
    REJECT     all  --  ***.***.***.***          [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***       [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***          [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***         [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***         [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***          [anywhere]/0            reject-with icmp-port-unreachable
    RETURN     all  --  [anywhere]/0            [anywhere]/0           
    RETURN     all  --  [anywhere]/0            [anywhere]/0           
    
    Chain f2b-pure-ftpd (2 references)
    target     prot opt source               destination         
    RETURN     all  --  [anywhere]/0            [anywhere]/0           
    RETURN     all  --  [anywhere]/0            [anywhere]/0           
    
    Chain f2b-sshd (2 references)
    target     prot opt source               destination         
    REJECT     all  --  ***.***.***.***         [anywhere]/0            reject-with icmp-port-unreachable
    RETURN     all  --  [anywhere]/0            [anywhere]/0           
    RETURN     all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-after-forward (1 references)
    target     prot opt source               destination         
    
    Chain ufw-after-input (1 references)
    target     prot opt source               destination         
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:137
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:138
    ufw-skip-to-policy-input  tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:139
    ufw-skip-to-policy-input  tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:445
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:67
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:68
    ufw-skip-to-policy-input  all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST
    
    Chain ufw-after-logging-forward (1 references)
    target     prot opt source               destination         
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    
    Chain ufw-after-logging-input (1 references)
    target     prot opt source               destination         
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    
    Chain ufw-after-logging-output (1 references)
    target     prot opt source               destination         
    
    Chain ufw-after-output (1 references)
    target     prot opt source               destination         
    
    Chain ufw-before-forward (1 references)
    target     prot opt source               destination         
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 3
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 4
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 11
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 12
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 8
    ufw-user-forward  all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-before-input (1 references)
    target     prot opt source               destination         
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0           
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ufw-logging-deny  all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID
    DROP       all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 3
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 4
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 11
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 12
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 8
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp spt:67 dpt:68
    ufw-not-local  all  --  [anywhere]/0            [anywhere]/0           
    ACCEPT     udp  --  [anywhere]/0            ***.***.***.***          udp dpt:5353
    ACCEPT     udp  --  [anywhere]/0            ***.***.***.***      udp dpt:1900
    ufw-user-input  all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-before-logging-forward (1 references)
    target     prot opt source               destination         
    
    Chain ufw-before-logging-input (1 references)
    target     prot opt source               destination         
    
    Chain ufw-before-logging-output (1 references)
    target     prot opt source               destination         
    
    Chain ufw-before-output (1 references)
    target     prot opt source               destination         
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0           
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ufw-user-output  all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-logging-allow (0 references)
    target     prot opt source               destination         
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "
    
    Chain ufw-logging-deny (2 references)
    target     prot opt source               destination         
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID limit: avg 3/min burst 10
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    
    Chain ufw-not-local (1 references)
    target     prot opt source               destination         
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type LOCAL
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type MULTICAST
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST
    ufw-logging-deny  all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10
    DROP       all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-reject-forward (1 references)
    target     prot opt source               destination         
    
    Chain ufw-reject-input (1 references)
    target     prot opt source               destination         
    
    Chain ufw-reject-output (1 references)
    target     prot opt source               destination         
    
    Chain ufw-skip-to-policy-forward (0 references)
    target     prot opt source               destination         
    DROP       all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-skip-to-policy-input (7 references)
    target     prot opt source               destination         
    DROP       all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-skip-to-policy-output (0 references)
    target     prot opt source               destination         
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-track-forward (1 references)
    target     prot opt source               destination         
    
    Chain ufw-track-input (1 references)
    target     prot opt source               destination         
    
    Chain ufw-track-output (1 references)
    target     prot opt source               destination         
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            ctstate NEW
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            ctstate NEW
    
    Chain ufw-user-forward (1 references)
    target     prot opt source               destination         
    
    Chain ufw-user-input (1 references)
    target     prot opt source               destination         
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:21
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:22
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:25
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:53
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:80
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:110
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:143
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:443
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:465
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:587
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:993
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:995
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:3306
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:4190
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:8080
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:8081
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:8090
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 40110:40210
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp dpt:53
    
    Chain ufw-user-limit (0 references)
    target     prot opt source               destination         
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
    REJECT     all  --  [anywhere]/0            [anywhere]/0            reject-with icmp-port-unreachable
    
    Chain ufw-user-limit-accept (0 references)
    target     prot opt source               destination         
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0           
    
    Chain ufw-user-logging-forward (0 references)
    target     prot opt source               destination         
    
    Chain ufw-user-logging-input (0 references)
    target     prot opt source               destination         
    
    Chain ufw-user-logging-output (0 references)
    target     prot opt source               destination         
    
    Chain ufw-user-output (1 references)
    target     prot opt source               destination         
    
    
    
    
    ##### LET'S ENCRYPT #####
    [WARN] You have both certbot and acme.sh installed. This can lead to problems.
    Certbot: /usr/bin/certbot
    acme.sh: /root/.acme.sh/acme.sh
     
  5. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Do the web request from external network reach that server? See web server log when connections are coming. If nothing was changed on that server, maybe router or firewall was changed?
    You should deal with the WARN messages in the report.
     
  6. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    So your server is using Debian 9 Stretch, not10 Buster. You got a minor problem with your LE Client which should only be one, most probably certbot. Were you upgrading your server when this happened? How did you try accessing your sites from external IP? You can curl from the server to check your sites too.
     
  7. x-myrza

    x-myrza New Member

    No, the web request is not captured. But the connection from the external network to the ISPconfig web request reaches
    Code:
    # tail -f /var/log/apache2/other_vhosts_access.log
    myhostname.com:8080 MyExternalIP - - [02/Oct/2022:11:42:31 +0500] "GET /datalogstatus.php HTTP/1.1" 200 3269 "https://myhostname.com:8080/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    myhostname.com:8080 MyExternalIP - - [02/Oct/2022:11:42:36 +0500] "GET /datalogstatus.php HTTP/1.1" 200 3269 "https://myhostname.com:8080/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    myhostname.com:8080 MyExternalIP - - [02/Oct/2022:11:42:41 +0500] "GET /datalogstatus.php HTTP/1.1" 200 3269 "https://myhostname.com:8080/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    myhostname.com:8080 MyExternalIP - - [02/Oct/2022:11:42:46 +0500] "GET /datalogstatus.php HTTP/1.1" 200 3269 "https://myhostname.com:8080/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    myhostname.com:8080 MyExternalIP - - [02/Oct/2022:11:42:52 +0500] "GET /datalogstatus.php HTTP/1.1" 200 3269 "https://myhostname.com:8080/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    myhostname.com:8080 MyExternalIP - - [02/Oct/2022:11:42:57 +0500] "GET /datalogstatus.php HTTP/1.1" 200 3269 "https://myhostname.com:8080/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    myhostname.com:8080 MyExternalIP - - [02/Oct/2022:11:43:02 +0500] "GET /datalogstatus.php HTTP/1.1" 200 3269 "https://myhostname.com:8080/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    myhostname.com:8080 MyExternalIP - - [02/Oct/2022:11:43:07 +0500] "GET /datalogstatus.php HTTP/1.1" 200 3269 "https://myhostname.com:8080/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    myhostname.com:8080 MyExternalIP - - [02/Oct/2022:11:43:12 +0500] "GET /datalogstatus.php HTTP/1.1" 200 3269 "https://myhostname.com:8080/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    myhostname.com:8080 MyExternalIP - - [02/Oct/2022:11:43:17 +0500] "GET /datalogstatus.php HTTP/1.1" 200 3269 "https://myhostname.com:8080/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    mywebmailhostname.com:443 MyInternalIP - - [02/Oct/2022:11:43:21 +0500] "POST /webmail/?_task=mail&_action=refresh HTTP/1.1" 200 955 "https://webmail.mywebmailsitename.com/webmail/?_task=mail&_mbox=INBOX" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    myhostname.com:8080 MyExternalIP - - [02/Oct/2022:11:43:23 +0500] "GET /datalogstatus.php HTTP/1.1" 200 3269 "https://myhostname.com:8080/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    myhostname.com:8080 MyExternalIP - - [02/Oct/2022:11:43:28 +0500] "GET /datalogstatus.php HTTP/1.1" 200 3269 "https://myhostname.com:8080/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    myhostname.com:8080 MyExternalIP - - [02/Oct/2022:11:43:33 +0500] "GET /datalogstatus.php HTTP/1.1" 200 3269 "https://myhostname.com:8080/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    myhostname.com:8080 MyExternalIP - - [02/Oct/2022:11:43:38 +0500] "GET /datalogstatus.php HTTP/1.1" 200 3269 "https://myhostname.com:8080/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    mywebmailsitename.com:443 MyInternalIP - - [02/Oct/2022:11:44:22 +0500] "POST /webmail/?_task=mail&_action=refresh HTTP/1.1" 200 953 "https://webmail.mywebmailhostname.com/webmail/?_task=mail&_mbox=INBOX" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    AllLogsApache:
    Code:
    # tail -f /var/log/apache2/
    access.log                     access.log.4.gz                error.log.11.gz                error.log.7.gz                 other_vhosts_access.log.14.gz  suexec.log                     suexec.log.4.gz
    access.log.1                   access.log.5.gz                error.log.12.gz                error.log.8.gz                 other_vhosts_access.log.2.gz   suexec.log.1                   suexec.log.5.gz
    access.log.10.gz               access.log.6.gz                error.log.13.gz                error.log.9.gz                 other_vhosts_access.log.3.gz   suexec.log.10.gz               suexec.log.6.gz
    access.log.11.gz               access.log.7.gz                error.log.14.gz                other_vhosts_access.log        other_vhosts_access.log.4.gz   suexec.log.11.gz               suexec.log.7.gz
    access.log.12.gz               access.log.8.gz                error.log.2.gz                 other_vhosts_access.log.1      other_vhosts_access.log.5.gz   suexec.log.12.gz               suexec.log.8.gz
    access.log.13.gz               access.log.9.gz                error.log.3.gz                 other_vhosts_access.log.10.gz  other_vhosts_access.log.6.gz   suexec.log.13.gz               suexec.log.9.gz
    access.log.14.gz               error.log                      error.log.4.gz                 other_vhosts_access.log.11.gz  other_vhosts_access.log.7.gz   suexec.log.14.gz
    access.log.2.gz                error.log.1                    error.log.5.gz                 other_vhosts_access.log.12.gz  other_vhosts_access.log.8.gz   suexec.log.2.gz
    access.log.3.gz                error.log.10.gz                error.log.6.gz                 other_vhosts_access.log.13.gz  other_vhosts_access.log.9.gz   suexec.log.3.gz
    # tail -f /var/log/apache2/access.log
    ::1 - - [02/Oct/2022:10:55:03 +0500] "GET / HTTP/1.1" 403 363 "-" "Mozilla/5.0 (ISPConfig monitor)"
    ::1 - - [02/Oct/2022:11:00:03 +0500] "GET / HTTP/1.1" 403 363 "-" "Mozilla/5.0 (ISPConfig monitor)"
    ::1 - - [02/Oct/2022:11:05:03 +0500] "GET / HTTP/1.1" 403 363 "-" "Mozilla/5.0 (ISPConfig monitor)"
    ::1 - - [02/Oct/2022:11:10:03 +0500] "GET / HTTP/1.1" 403 363 "-" "Mozilla/5.0 (ISPConfig monitor)"
    ::1 - - [02/Oct/2022:11:15:04 +0500] "GET / HTTP/1.1" 403 363 "-" "Mozilla/5.0 (ISPConfig monitor)"
    ::1 - - [02/Oct/2022:11:20:03 +0500] "GET / HTTP/1.1" 403 363 "-" "Mozilla/5.0 (ISPConfig monitor)"
    ::1 - - [02/Oct/2022:11:25:03 +0500] "GET / HTTP/1.1" 403 363 "-" "Mozilla/5.0 (ISPConfig monitor)"
    ::1 - - [02/Oct/2022:11:30:03 +0500] "GET / HTTP/1.1" 403 363 "-" "Mozilla/5.0 (ISPConfig monitor)"
    ::1 - - [02/Oct/2022:11:35:04 +0500] "GET / HTTP/1.1" 403 363 "-" "Mozilla/5.0 (ISPConfig monitor)"
    ::1 - - [02/Oct/2022:11:40:04 +0500] "GET / HTTP/1.1" 403 363 "-" "Mozilla/5.0 (ISPConfig monitor)"
    ^C
    # tail -f /var/log/apache2/error.log
    [Sun Oct 02 10:55:03.545345 2022] [authz_core:error] [pid 3648] [client ::1:44270] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sun Oct 02 11:00:03.740216 2022] [authz_core:error] [pid 4736] [client ::1:44348] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sun Oct 02 11:05:03.731747 2022] [authz_core:error] [pid 4733] [client ::1:44408] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sun Oct 02 11:10:03.878098 2022] [authz_core:error] [pid 3647] [client ::1:44458] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sun Oct 02 11:15:04.180149 2022] [authz_core:error] [pid 3663] [client ::1:44518] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sun Oct 02 11:20:03.643260 2022] [authz_core:error] [pid 4782] [client ::1:44570] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sun Oct 02 11:25:03.564111 2022] [authz_core:error] [pid 4747] [client ::1:44620] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sun Oct 02 11:30:03.999884 2022] [authz_core:error] [pid 4734] [client ::1:44670] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sun Oct 02 11:35:04.082280 2022] [authz_core:error] [pid 4783] [client ::1:44730] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    [Sun Oct 02 11:40:04.018753 2022] [authz_core:error] [pid 3647] [client ::1:44780] AH01630: client denied by server configuration: /var/www/clients/client0/web1/web/
    ^C
    # tail -f /var/log/apache2/suexec.log
    [2022-10-02 06:28:41]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    [2022-10-02 11:41:29]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    [2022-10-02 11:41:29]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    [2022-10-02 11:41:29]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    ^C
    # tail -f /var/log/apache2/other_vhosts_access.log
    myhostname.com:8080 MyExternalIP - - [02/Oct/2022:11:43:17 +0500] "GET /datalogstatus.php HTTP/1.1" 200 3269 "https://myhostname.com:8080/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
    mywebmailhostname.com:443 MyInternalIP - - [02/Oct/2022:11:43:21 +0500] "POST /webmail/?_task=mail&_action=refresh HTTP/1.1" 200 955 "https://webmail.mywebmailhostname.com/webmail/?_task=mail&_mbox=INBOX" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
     
  8. x-myrza

    x-myrza New Member

    No, the server has not been updated.
    From different external IP addresses. For example, a home computer and from a phone.
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    My guess is that it is blocked externally by a router or firewall in front of the server. ISPConfig itself does not contain any functions to block requests just from the outside. Might be that your internet access provider or datacenter just changed something to prohibit access.
     
    x-myrza likes this.
  10. x-myrza

    x-myrza New Member

    I called the technical support of Internet services, said technical work is underway. Yes, it seems a problem on the part of the provider. Thank you all, until tomorrow I will.
     
    ahrasis and till like this.

Share This Page