Debian squeeze to jessie ... multiple problems with apache, ispconfig3, websites...

check your
/etc/apache2/conf-available/roundcube.conf
as described in
https://www.howtoforge.com/tutorial/roundcube-installation-on-debian-8-jessie/
I totally haven't seen you're probably missing the mod_php settings for that :/
mod_php is enabled as it seems - all fine here

 

As I mentioned earlier, the /etc/apache2/conf-available/roundcube.conf file is a symbolic link to /etc/roundcube/apache.conf file which I edited. On top of that, the roundcube.conf file in /etc/apache2/conf-enabled is a pointer to the one in conf-available which is a symbolic link to the /etc/roundcube/apache.conf file mentioned above.
I didn't go into the roundcube installation procedures as outlined in Till's recent tutorial because I'm running on an installation I made back in 2011 based on Thomas' Extending Perfect Server - Debian Squeeze [ISPConfig 3]. The installation of Thomas' modifications was done after going through Till's initial instructions sometime back in 2011. It was complicated enough to Thomas' installation and I worried that going back to the "normal" installation might cause a lot of problems.
Things have deteriorated enough that I might be better off taking out roundcube and re-installing it with the debian 8 - jessie procedure. However, once again I'm not sure that I can avoid big problems interfering with the Thomas modifications. Can you (or Till) advise me about whether or not I can get out of this mess without scrubbing everything and reinstalling ispconfig3?
As an afterthought, my other problems with fail2ban and rkhunter might be related to the Thomas modifications too.

 

You probably don't have to do much to your roundcube installation, just just adopt the php-related sections to the config from the howto.
What kind of an issue you have with rkhunter and fail2ban?

 

Well, I made the "require all granted/denied" edits to the configuration file, and added all the mod_php5 material. Now I get a login prompt asking for username, password and server. In my old configuration, the server was recognized, as was the port. However, now it does not recognize either category and I cannot seem to put the server name in by hand either. Of course, I had set it up last time to use the https port so that might be a problem here. Anyway, it is recognizing the mail program.

 

Do you mean this

Code:

$rcmail_config['default_host'] =
$rcmail_config['smtp_server']
 =

part of the roundcube config not recognizing the correct domain?

 

Thanks. Changing the hostname to my server helped eliminate the Servername line, but I still couldn't login. It could be because I'm using a non-standard ssl port. Using an ssl://...../webmail/ address didn't help, nor did an http://.....:sslport/webmail/ address. I keep coming back to questions about the modifications made in the Extending Perfect Server modifications.
Another problem might be that I have not gone ahead and installed the recent roundcube plugin for ispconfig. I've already installed that before and (maybe incorrectly) assumed that it is already installed. Once I can successfully login with a username, maybe I have to go ahead and install the plugin before anything linked to ispconfig users can be seen.
I think I have solved the rkhunter problem, but have made no progress on fail2ban. Ispconfig says that fail2ban is not installed, but at the command level, apt-get says that it is installed.

 

Thanks. Fail2ban is not running. Only ps, sudo and bash are running.
Using /etc/init.d/fail2ban status, I get
● fail2ban.service - LSB: Start/stop fail2ban
Loaded: loaded (/etc/init.d/fail2ban)
Active: active (exited) since Sat 2016-03-19 02:29:26 EDT; 3 days ago
Process: 3946 ExecStop=/etc/init.d/fail2ban stop (code=exited, status=0/SUCCESS)
Process: 3956 ExecStart=/etc/init.d/fail2ban start (code=exited, status=0/SUCCESS)

Mar 19 02:29:26 www.xxxxxxxx.com fail2ban[3956]: Starting authentication failure monitor: fail2banERROR Found no accessible config files for 'filter.d/sasl' under /etc/fail2ban
Mar 19 02:29:26 www.xxxxxxxx.com fail2ban[3956]: ERROR Unable to read the filter
Mar 19 02:29:26 www.xxxxxxxx.com fail2ban[3956]: ERROR Errors in jail 'sasl'. Skipping...
Mar 19 02:29:26 www.xxxxxxxx.com fail2ban[3956]: ERROR No file(s) found for glob /usr/local/roundcube/logs/errors
Mar 19 02:29:26 www.xxxxxxxx.com fail2ban[3956]: ERROR Failed during configuration: Have not found any log file for roundcube jail
Mar 19 02:29:26 www.xxxxxxxx.com fail2ban[3956]: failed!
So sasl is not working well and I don't seem to have the log files for roundcube. Is this insurmountable or should I keep trying? If you recall, we had a conversation several years ago about the Thomas tutorial extending ispconfig. I think your point was that it was not a good idea to do it, but I had already done it and couldn't go backwards. Now I might be in enough trouble that it is no longer realistic to try to fix things and it might be better to re-install the operating system, ispconfig and my websites. I'm not sure I want to go to that trouble, but I seem to have caused ztk.me quite a bit of time on this issue. Now I am taking your time as well.

 

Check your /etc/fail2ban/jail.local
Change

Code:

[sasl]
to
[postfix-sasl]

Make sure that

/etc/fail2ban/filter.d/postfix-sasl.conf exists and it's last line is

Code:

ignoreregex =

to find the roundcube config try

Code:

$cd /etc/fail2ban
$grep -Hirn roundcube

should reveal your roundcube config file, now go to roundcube and setup logging / path for logfile, created it if needed and give propper permissions to let roundcube write to that file and adjust the fail2ban filter.
Maybe you need to add it to logrotate daemon, too.

 

Well, it's quite awhile since your last post. I was too busy to get back to this until now and it seemed like with the exception of mail, things were more or less working. I discovered that fail2ban would not restart every week, but I could get it going by executing a /etc/init.d/fail2ban restart command every week after the log files were renewed. I managed to get rkhunter working and the logfiles rotate all right every week.
However, I have never been able to get mail working since March. The login page to Roundcube is showing fine, but no login is executed. The message is that the connection to the IMAP server failed.
In March I thought that all the webs were working, but one is not. No connection to the server is possible and the error message is as follows:
PDOException: SQLSTATE[28000] [1045] Access denied for user 'xxxxxxx'@'localhost' (using password: YES) in lock_may_be_available() (line 167 of /var/www/clients/clientx/weby/web/includes/lock.inc).
Again, I'm sorry to keep this request open. Thanks for your earlier help.

 

Just wondering whether my Jun 1/16 message was received. I'm still having problems with mail (no mail since March) and two of my webs have the PDO exception.
I made a new posting in the contributer section of IspConfig3 asking about how to re-install, but Till give me a link to a series of postings about how to save/restore an existing IspConfig system. However, since my present system is not really responding, I wasn't sure whether or not saving anything from the old system was worthwhile.
I tried the system test (intro post for this forum). It did not work and there was no output. Again, sorry to keep this request open.