Hi, I have a problem when creating new websites. I am on a multiserver setup, and on my webserver I already created a website, lets call it working.tld, which is working fine. The ispconfig admin panel is also working fine. But when I create an additional website, lets say notworking.tld, i get a 403 error when I visit the website. I don't know if the problem is, that it's an additional website, or if I made some change on the server between setting up the first and the second website, which cause the problem. The fact is that all new websites I now create are not working and give me the same 403 error. Here are some facts about my setup: The webserver is running on a Ubuntu 12.04 VM (OpenVZ). I control the OpenVZ Host myself, and did not make any changes there. I recently installed an SSL-Wildcard certificate, als described here (don't know if that can have anything to do with it): installing ssl cert Here is the output of the ../log/error.log of "notworking.tld": Code: [Fri Feb 28 08:42:55 2014] [error] [client 86.56.160.25] (13)Permission denied: access to / denied [Fri Feb 28 08:42:55 2014] [error] [client 86.56.160.25] (13)Permission denied: access to /error/403.html denied Here is the output of the acces.log: Code: 86.56.160.25 - - [28/Feb/2014:09:12:53 +0100] "GET / HTTP/1.1" 403 0 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.117 Safari/537.36" 86.56.160.25 - - [28/Feb/2014:09:12:53 +0100] "GET /favicon.ico HTTP/1.1" 403 0 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.117 Safari/537.36" I compared the vhost files of the working.tld and notworking.tld, and they are essentially identical. Here is the vhost file of the nottworking.tld: Code: <Directory /var/www/notworking.tld> AllowOverride None Order Deny,Allow Deny from all </Directory> <VirtualHost *:80> DocumentRoot /var/www/notworking.tld/web ServerName notworking.tld ServerAlias www.notworking.tld ServerAdmin [email protected] ErrorLog /var/log/ispconfig/httpd/notworking.tld/error.log Alias /error/ "/var/www/notworking.tld/web/error/" ErrorDocument 400 /error/400.html ErrorDocument 401 /error/401.html ErrorDocument 403 /error/403.html ErrorDocument 404 /error/404.html ErrorDocument 405 /error/405.html ErrorDocument 500 /error/500.html ErrorDocument 502 /error/502.html ErrorDocument 503 /error/503.html <IfModule mod_ssl.c> </IfModule> <Directory /var/www/notworking.tld/web> Options FollowSymLinks AllowOverride All Order allow,deny Allow from all </Directory> <Directory /var/www/clients/client1/web13/web> Options FollowSymLinks AllowOverride All Order allow,deny Allow from all </Directory> # suexec enabled <IfModule mod_suexec.c> SuexecUserGroup web13 client1 </IfModule> # Clear PHP settings of this website <FilesMatch "\.ph(p3?|tml)$"> SetHandler None </FilesMatch> # php as fast-cgi enabled # For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html <IfModule mod_fcgid.c> IdleTimeout 300 ProcessLifeTime 3600 # MaxProcessCount 1000 DefaultMinClassProcessCount 0 DefaultMaxClassProcessCount 100 IPCConnectTimeout 3 IPCCommTimeout 360 BusyTimeout 300 </IfModule> <Directory /var/www/notworking.tld/web> AddHandler fcgid-script .php .php3 .php4 .php5 FCGIWrapper /var/www/php-fcgi-scripts/web13/.php-fcgi-starter .php Options +ExecCGI AllowOverride All Order allow,deny Allow from all </Directory> <Directory /var/www/clients/client1/web13/web> AddHandler fcgid-script .php .php3 .php4 .php5 FCGIWrapper /var/www/php-fcgi-scripts/web13/.php-fcgi-starter .php Options +ExecCGI AllowOverride All Order allow,deny Allow from all </Directory> # add support for apache mpm_itk <IfModule mpm_itk_module> AssignUserId web13 client1 </IfModule> <IfModule mod_dav_fs.c> # Do not execute PHP files in webdav directory <Directory /var/www/clients/client1/web13/webdav> <ifModule mod_security2.c> SecRuleRemoveById 960015 SecRuleRemoveById 960032 </ifModule> <FilesMatch "\.ph(p3?|tml)$"> SetHandler None </FilesMatch> </Directory> DavLockDB /var/www/clients/client1/web13/tmp/DavLock # DO NOT REMOVE THE COMMENTS! # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE! # WEBDAV BEGIN # WEBDAV END </IfModule> </VirtualHost> I am really a bit stumped about what could cause this problem. I just can't find any apparent reason.
Please post theoutput of: ls -la /var/www/notworking.tld/web/ and check if the user web13 is listed in /etc/passwd
output of ls -la /var/www/notworking.tld/web: Code: drwxrwx--- 12 web13 client1 4096 Feb 28 09:01 . drwx--x--- 9 root root 4096 Feb 28 08:31 .. -rw-r--r-- 1 web13 client1 6604 Feb 28 09:01 authorize.php -rw-r--r-- 1 web13 client1 82208 Feb 28 09:01 CHANGELOG.txt -rw-r--r-- 1 web13 client1 1481 Feb 28 09:01 COPYRIGHT.txt -rw-r--r-- 1 web13 client1 720 Feb 28 09:01 cron.php drwxr-xr-x 2 web13 client1 4096 Feb 28 08:31 error -rw-r--r-- 1 web13 client1 2178 Feb 28 09:01 example-web.config -rw-r--r-- 1 root root 3728 Feb 28 09:01 .htaccess drwxr-xr-x 4 web13 client1 4096 Feb 28 09:01 includes -rw-r--r-- 1 web13 client1 529 Feb 28 09:01 index.php -rw-r--r-- 1 web13 client1 1451 Feb 28 09:01 INSTALL.mysql.txt -rw-r--r-- 1 web13 client1 1874 Feb 28 09:01 INSTALL.pgsql.txt -rw-r--r-- 1 web13 client1 703 Feb 28 09:01 install.php -rw-r--r-- 1 web13 client1 1298 Feb 28 09:01 INSTALL.sqlite.txt -rw-r--r-- 1 web13 client1 17861 Feb 28 09:01 INSTALL.txt -rw-r--r-- 1 web13 client1 18092 Feb 28 09:01 LICENSE.txt -rw-r--r-- 1 web13 client1 8191 Feb 28 09:01 MAINTAINERS.txt drwxr-xr-x 4 web13 client1 4096 Feb 28 09:01 misc drwxr-xr-x 42 web13 client1 4096 Feb 28 09:01 modules drwxr-xr-x 5 web13 client1 4096 Feb 28 09:01 profiles -rw-r--r-- 1 web13 client1 5376 Feb 28 09:01 README.txt -rw-r--r-- 1 web13 client1 1561 Feb 28 09:01 robots.txt drwxr-xr-x 2 web13 client1 4096 Feb 28 09:01 scripts drwxr-xr-x 4 web13 client1 4096 Feb 28 09:01 sites drwxr-xr-x 2 root root 4096 Feb 28 08:31 stats drwxr-xr-x 7 web13 client1 4096 Feb 28 09:01 themes drwxr-xr-x 2 web13 client1 4096 Feb 28 09:01 tmp -rw-r--r-- 1 web13 client1 20989 Feb 28 09:01 update.php -rw-r--r-- 1 web13 client1 20017 Feb 28 09:01 update.php.orig -rw-r--r-- 1 web13 client1 9642 Feb 28 09:01 UPGRADE.txt -rw-r--r-- 1 web13 client1 417 Feb 28 09:01 xmlrpc.php It's an empty drupal installation via APS installer. The same thing works in the working.tld The user web13 is listed in /etc/passwd: web13:x:1009:1005::/var/www/clients/client1/web13:/bin/false
1) Do the working sites use * or the ip address in website settings? 2) try a: chmod +x /var/www/notworking.tld/web
the chmod +x didnt work. You might be onto something with * for ipaddress in the website settings: I recall that I could use an ipaddress after i set up the multiserver setup. But now, i can only select *.
Take a look int the vhost file of a working site, does it use * or an IP in this line: <VirtualHost *:80>
my hosts file looks like this, if this is any help: fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 1.2.3.50 ns2.mydomain.tld ns2 1.2.3.42 db1.mydomain.tld db1 1.2.3.49 mail1.mydomain.tld mail1 1.2.3.43 ns1.mydomain.tld ns1 127.0.0.1 localhost.localdomain localhost 1.2.3.41 web1.mydomain.tld web1 ::1 localhost ip6-localhost ip6-loopback
I just did a "php -q update.php" of ispconfig and reconfigured servcies - now adding websites works again. I'll check if everything else works after the update, but for now it's seems fine. Sorry for bothering you - next time I'll do the reconfigure before I ask for help.