Hello everyone! ispconfig3 - with many-many emails. Pretty big trouble. :/ The problem is that we get 403 forbidden on the admin interface. This happens since we deleted 2 users... to be more specific, the ex-admin gave us the superadmin 'admin' login credentials. We logged in with no problems at all. We saw 2 more admin users there, and we deleted them, since we don't need them anymore. Had no errors/warnings when we deleted the users in the interface. Since then, 403. Mail service looks fine on it, we just don't have access to the ispconfig interface. htf-report says 8080 isn't listening. It's propably not a problem, since the port was 17500. Code: ##### SERVER ##### IP-address (as per hostname): ***.***.***.*** [WARN] could not determine server's ip address by ifconfig [INFO] OS version is Ubuntu 18.04.5 LTS [INFO] uptime: 07:13:32 up 25 days, 7:34, 2 users, load average: 0.03, 0.11, 0.09 [INFO] memory: total used free shared buff/cache available Mem: 22G 2.8G 2.0G 63M 18G 19G Swap: 8.0G 780K 8.0G [INFO] ISPConfig is installed. ##### ISPCONFIG ##### ISPConfig version is 3.1dev ##### VERSION CHECK ##### [INFO] php (cli) version is 7.2.24-0ubuntu***.***.***.*** [INFO] php-cgi (used for cgi php in default vhost!) is version 7.2.24 ##### PORT CHECK ##### [WARN] Port 8080 (ISPConfig) seems NOT to be listening ##### MAIL SERVER CHECK ##### ##### RUNNING SERVER PROCESSES ##### [INFO] I found the following web server(s): Apache 2 (PID 14411) [INFO] I found the following mail server(s): Postfix (PID 2115) [INFO] I found the following pop3 server(s): Dovecot (PID 994) [INFO] I found the following imap server(s): Dovecot (PID 994) [INFO] I found the following ftp server(s): PureFTP (PID 888) ##### LISTENING PORTS ##### (only () Local (Address) [anywhere]:143 (994/dovecot) [anywhere]:465 (2115/master) [anywhere]:21 (888/pure-ftpd) ***.***.***.***:53 (1179/named) [localhost]:53 (1179/named) ***.***.***.***:53 (902/systemd-resolve) [anywhere]:22 (1303/sshd) [anywhere]:25 (2115/master) [localhost]:953 (1179/named) [anywhere]:993 (994/dovecot) [anywhere]:995 (994/dovecot) [localhost]:10023 (1870/postgrey) [localhost]:10024 (2142/amavisd-new) [localhost]:10025 (2115/master) [localhost]:10026 (2142/amavisd-new) [localhost]:10027 (2115/master) [anywhere]:587 (2115/master) [localhost]:11211 (1144/memcached) [anywhere]:110 (994/dovecot) [localhost]43 (994/dovecot) *:*:*:*::*:80 (14411/apache2) *:*:*:*::*:8081 (14411/apache2) *:*:*:*::*:465 (2115/master) *:*:*:*::*:21 (888/pure-ftpd) *:*:*:*::*:53 (1179/named) *:*:*:*::*:22 (1303/sshd) *:*:*:*::*:25 (2115/master) *:*:*:*::*:953 (1179/named) *:*:*:*::*:443 (14411/apache2) [localhost]7500 (14411/apache2) *:*:*:*::*:993 (994/dovecot) *:*:*:*::*:995 (994/dovecot) *:*:*:*::*:10023 (1870/postgrey) *:*:*:*::*:10024 (2142/amavisd-new) *:*:*:*::*:3306 (11601/mysqld) *:*:*:*::*:10026 (2142/amavisd-new) *:*:*:*::*:587 (2115/master) [localhost]10 (994/dovecot) ##### IPTABLES ##### Chain INPUT (policy ACCEPT) target prot opt source destination f2b-dovecot-pop3imap tcp -- [anywhere]/0 [anywhere]/0 multiport dports 110,995,143,993 f2b-pure-ftpd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 21 f2b-postfix tcp -- [anywhere]/0 [anywhere]/0 multiport dports 25 Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain f2b-dovecot-pop3imap (1 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain f2b-postfix (1 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain f2b-pure-ftpd (1 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 ##### LET'S ENCRYPT ##### Certbot is installed in /usr/bin/letsencrypt Thank you!
Check apache error.log to see why you get a 403 error. Deleting admin users in ISPConfig can not cause a 403 error, so this was just a timely coincidence.
I think the same. I opened it now and this is what I get in error.log Code: [Thu Oct 20 09:24:25.507489 2022] [access_compat:error] [pid 23912] [client 192.168.0.200:53037] AH01797: client denied by server configuration: /var/www/ispconfig/
Try to run an ISPConfig update with: ispconfig_update.sh --force and let the updater reconfigure services. Might be that the ispconfig vhost file or fcgi starter or directory permission were changed.
Is this safe on a production server? I didn't even restart the server, I was afraid of a bigger problem. The mail service is working now, if it stops, I'm dead meat.
