Dediabn LAMP ISPConfig Fresh Install , Not Resolving Domain Correctly

My apologies, think I need to clarify my question a bit, give a context.

In cpanel/whm all the sever admin tasks are managed via whm and the front-end user stuff is managed via cpanel. If you purchase any license (which I highly don't recommend), then the first client is by default the "admin client" through which the webhosting company itself, configures all of its obvious necessities (emails, websites, etc.)

In my rush to get up and running, I created the primary DNS zone for the server without first creating an "admin client" for the zone to be assigned to.

Fundamentally, my question is should I do away with my conception of an "admin client", setup everything related to webhosting company (website, emails, etc.) via my default admin interface (without assigning anything to an "admin client")? Then, only worry about clients when I am ready to start "onboarding" actual clients / resellers.

Thanks, I was just worried that services like RKhunter may send notifications via server1.example.com.

 

Hey fellas,

my webhost blocks port 25 by default, so I am trying to configure mailjet with ISPConfig. Roundcude (and all extensions installed), domain with (LE) SSL configured correctly, and I can receive emails. I can't send emails.

When I send email, I get this error in the mail - log:


Under System >> Server Config >> Mail , I configured the relay host as follows:


Under, System >> Main Config >> Mail , I currently have:



And just for reference, mailjet provides the following SMTP info:



Wondering what I am missing?
Do I need to enter the same username / password in two places?
Can I only use "STARTTLS" under System >> Main Config >> Mail , or can I use "SSL" as well?

 

Yes, I have before / am currently using the mailjet username / password (verified it multiple times, given the authentication SASL auth error)...I also added ":587" previously and it didn't work...

 

I am currently receiving mail.. I cannot send mail

 

According to instructions from @till my mailjet configurations are correct:

https://www.howtoforge.com/community/threads/ispconfig-google-cloud-plataform-and-smarthost.79369/

All of your replies, have ignored my configs under, System >> Main Config >> Mail , so I assume that they are correct.

I will confirm for the 3rd time, that I am currently successfully receiving emails from various external hosts.

From the beginning, I have been logged in, sending email via roundcube from the address [email protected]

As we have not made any progress troubleshooting this, I went ahead searched for:

Code:

SASL LOGIN authentication failed: UGFzc3dvcmQ6

I found this thread on serverfault.com that seems to have several different solutions for my current problem.

https://serverfault.com/questions/2...ication-failed-ugfzc3dvcmq6-find-the-username

Can you verify which solution works best with ISPConfig / Roundcude configuration, so that I may receive email?

thanks.

UPDATE:
I decided to verify if port 587 was setup correctly.
Port 587 is open in the alibaba firewall.

The results of 'sudo nmap -sT -p- XX.XXX.XXX.XX-public-IP' return:

Code:

Starting Nmap 7.80 ( https://nmap.org ) at 2021-04-18 09:33 CST
Nmap scan report for example.com (XX.XXX.XXX.XX-public-IP)
Host is up (0.036s latency).
Not shown: 65523 filtered ports
PORT     STATE  SERVICE
20/tcp   closed ftp-data
21/tcp   open   ftp
53/tcp   open   domain
80/tcp   open   http
110/tcp  open   pop3
143/tcp  open   imap
443/tcp  open   https
587/tcp  open   submission
995/tcp  open   pop3s
3306/tcp open   mysql
5060/tcp open   sip
8080/tcp open   http-proxy

Afterwards, I connected to the server and ran 'ufw status numbered', which returned:

Code:

# ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 20/tcp                     ALLOW IN    Anywhere                 
[ 2] 21/tcp                     ALLOW IN    Anywhere                 
[ 3] 25/tcp                     ALLOW IN    Anywhere                 
[ 4] 53/tcp                     ALLOW IN    Anywhere                 
[ 5] 80/tcp                     ALLOW IN    Anywhere                 
[ 6] 110/tcp                    ALLOW IN    Anywhere                 
[ 7] 143/tcp                    ALLOW IN    Anywhere                 
[ 8] 443/tcp                    ALLOW IN    Anywhere                 
[ 9] 465/tcp                    ALLOW IN    Anywhere                 
[10] 470/tcp                    ALLOW IN    Anywhere                 
[11] 587/tcp                    ALLOW IN    Anywhere                 
[12] 993/tcp                    ALLOW IN    Anywhere                 
[13] 995/tcp                    ALLOW IN    Anywhere                 
[14] 3306/tcp                   ALLOW IN    Anywhere                 
[15] 8080/tcp                   ALLOW IN    Anywhere                 
[16] 8081/tcp                   ALLOW IN    Anywhere                 
[17] 10000/tcp                  ALLOW IN    Anywhere                 
[18] 53/udp                     ALLOW IN    Anywhere                 
[19] 3306/udp                   ALLOW IN    Anywhere                 
[20] 20/tcp (v6)                ALLOW IN    Anywhere (v6)             
[21] 21/tcp (v6)                ALLOW IN    Anywhere (v6)             
[22] 25/tcp (v6)                ALLOW IN    Anywhere (v6)             
[23] 53/tcp (v6)                ALLOW IN    Anywhere (v6)             
[24] 80/tcp (v6)                ALLOW IN    Anywhere (v6)             
[25] 110/tcp (v6)               ALLOW IN    Anywhere (v6)             
[26] 143/tcp (v6)               ALLOW IN    Anywhere (v6)             
[27] 443/tcp (v6)               ALLOW IN    Anywhere (v6)             
[28] 465/tcp (v6)               ALLOW IN    Anywhere (v6)             
[29] 470/tcp (v6)               ALLOW IN    Anywhere (v6)             
[30] 587/tcp (v6)               ALLOW IN    Anywhere (v6)             
[31] 993/tcp (v6)               ALLOW IN    Anywhere (v6)             
[32] 995/tcp (v6)               ALLOW IN    Anywhere (v6)             
[33] 3306/tcp (v6)              ALLOW IN    Anywhere (v6)             
[34] 8080/tcp (v6)              ALLOW IN    Anywhere (v6)             
[35] 8081/tcp (v6)              ALLOW IN    Anywhere (v6)             
[36] 10000/tcp (v6)             ALLOW IN    Anywhere (v6)             
[37] 53/udp (v6)                ALLOW IN    Anywhere (v6)             
[38] 3306/udp (v6)              ALLOW IN    Anywhere (v6)

Seems odd that there are no " ALLOW OUT " directives? Are the above settings correct?
I configured the UFW firewall according to instructions I found in ISPConfig Manual.

 

The mailjet.com smtp does not provide a [email protected] type of login credential. In the screenshot I have posted, the mailjet.com credential is a series of letters and numbers that I have, "copied & pasted" correctly several times from this screen...

into this screen:

I am not using an email client... -all- of my attempts have been via roudcube.

When I use "xxx.mailjet.com:587" I can not send or receive email (according to mailjet 587 is for TLS, and if it doesn't work I should use "xxx.mailjet.com:465"... I followed their instructions and now I receive mail, but I cannot send mail.

I test the DNS records via mailjet.com and this is the result:

 

I re-tested xxx.mailjet.com:587 and the same problem. I can receive email, but I cannot send email

 

When i set-up the domain.. I created a domain key for it... so I had a default domain key, plus the mailjet.com domain key.. so I deleted it... and email is now working (send & receive ) on xxx:mailjet.com:587

Thanks!

 

I will gladly issue the apology for missing the sentence that you highlighted above. Please don't take offense from a noobs moment of frustration using a new tool. As far as I am concerned, the technical support provided here and in the manual, makes you guys open-source superheroes fighting for all that is good and right in the universe.

I hinted at it earlier, in this thread, but now I will be a bit more explicit. Back a in mid-Feb. I made the GIANT MISTAKE of reasoning that perhaps PAID customer support for cpanel/whm products directly from cpanel/whm would be efficient and help me start on-boarding web design clients as webhosting clients faster. WRONG.

In less than one month of dealing with their technical support, I finally contacted their technical support manager and asked him to directly review all 21 of my tickets. He did so... and within 24 hours he sent me an apology letter because it was so obvious that their paid tech support team was useless and were instead attempting to sell me more useless, proprietary cpanel/whm products (not reading tickets, not looking at screenshots, requesting duplicate information on tickets, repeating the same tests as co-workers, ignoring questions, not even understanding how to test the problem being reported, quite literally at one point violating their own "Technical Support Agreement"... I am admittedly a "noob" to webhosting [not the web], but I was able to catch their tech support incorrectly declaring "all is okay", when quite literally one of their apps was eating 5 times the system resources that it should have been.)

Then when the manager agrees in writing how badly their tech support team performed, I of course, request a refund since they wasted a month of my time. The guy instantly " lawyers-up ". I make the same request to their lawyers, since their own customer support manager agreed with me... and the lawyers don't answer, basically challenging me to hire a US based lawyer to sue them, even though they consciously know they were in the wrong.

So yeah, I am a bit " jumpy, frazzled, & paranoid " at the moment because I am currently pulling 18 hour days trying to catch-up on all the webhosting / web design tasks that piled up due to the nightmare known as cpanel/whm. I saved all of my communications with them and once I get ISPConfig working and get caught up, I have decided to add some "hobby time" to my calendar to build a tech blog dedicated to my experience with cpanel/whm [re-publishing everything] as to warn others and try to earn my money back via ads, in addition to filing official anti-trust [monopoly] complaints against them.

So as you can imagine, from my viewpoint... you guys turn "water into wine" and can "rollerblade across the tops of lakes in June" because you guys actually know & understand your own product, provide sufficient documentation, and actually answer questions. In the future, I will gladly limit my posts to until -after- my morning injection of caffeine directly into a major artery .

Again, "my bad".

 

Hey fellas,

I just used these tutorials to install all the different versions of PHP (5.6 to 8.0), everything went smoothly

https://www.howtoforge.com/community/threads/ispconfig-with-php8.85834/
https://www.howtoforge.com/tutorial...fig-3-from-debian-packages-on-debian-8-and-9/

I have 3 items of feedback and a question:

Feedback:
1. ) Step 9 should be updated to have a third "update-alternatives --config" for php-cgi-bin as follows:

It was only because I was reading the comments below the tutorial trying to solve a different problem did I even discover that " update-alternatives --config php-cgi-bin " exists, and when I ran it just to be sure my default php version was returned to 7.3 (Debian 10.5) sure enough, the default value was still at PHP8.0, since that was the last version of PHP installed. Small issue, but can definitely trip people up.

2.) Perhaps there should be a optional " Step 11 " in the tutorial reminding users to run the following for each version of PHP installed since, php-fpm is the recommended php implementation method by php.net:

Code:

# a2enmod proxy_fcgi setenvif
# a2enconf phpX.X-fpm
# systemctl reload apache2

3.) Instead, of having users change "X.X" to "8.0" as recommended in the post below, perhaps a a quick update of the tutorial is in order.
https://www.howtoforge.com/community/threads/ispconfig-with-php8.85834/

I followed this advice and I changed:

Code:

apt-get install php7.4 php7.4-cli php7.4-cgi php7.4-fpm php7.4-gd php7.4-mysql php7.4-imap php7.4-curl php7.4-intl php7.4-pspell php7.4-sqlite3 php7.4-tidy php7.4-xmlrpc php7.4-xsl php7.4-zip php7.4-mbstring php7.4-soap php7.4-opcache libonig5 php7.4-common php7.4-json php7.4-readline php7.4-xml

to

Code:

apt-get install php8.0 php8.0-cli php8.0-cgi php8.0-fpm php8.0-gd php8.0-mysql php8.0-imap php8.0-curl php8.0-intl php8.0-pspell php8.0-sqlite3 php8.0-tidy php8.0-xmlrpc php8.0-xsl php8.0-zip php8.0-mbstring php8.0-soap php8.0-opcache libonig5 php8.0-common php8.0-json php8.0-readline php8.0-xml

Everything installed correctly, except " php8.0-json ", generating the following error message:

Code:

root@server1:~# apt-get install php8.0 php8.0-cli php8.0-cgi php8.0-fpm php8.0-gd php8.0-mysql php8.0-imap php8.0-curl php8.0-intl php8.0-pspell php8.0-sqlite3 php8.0-tidy php8.0-xmlrpc php8.0-xsl php8.0-zip php8.0-mbstring php8.0-soap php8.0-opcache libonig5 php8.0-common php8.0-json php8.0-readline php8.0-xml
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Package php8.0-json is a virtual package provided by:
  php8.0-phpdbg 8.0.3-1+0~20210305.17+debian10~1.gbp899a74
  php8.0-fpm 8.0.3-1+0~20210305.17+debian10~1.gbp899a74
  php8.0-cli 8.0.3-1+0~20210305.17+debian10~1.gbp899a74
  php8.0-cgi 8.0.3-1+0~20210305.17+debian10~1.gbp899a74
  libphp8.0-embed 8.0.3-1+0~20210305.17+debian10~1.gbp899a74
  libapache2-mod-php8.0 8.0.3-1+0~20210305.17+debian10~1.gbp899a74
You should explicitly select one to install.
E: Package 'php8.0-json' has no installation candidate
apt-cache search php8

Which lead to my current question / verification: " As php8.0-cli php8.0-cgi php8.0-fpm " were successfully installed, I don't need to worry about installing php8.0-json, correct?

 

fair enough...

Was I incorrect to setup php-fpm according to ISP-Config standards?

I hear your point about the auotinstaller which makes things easy, but I don't actually get learn that way. Sorry, if my questions are too basic.

 

Thanks for the feedback... based on your response, I undid the PHP-FPM configs I made by running " a2disconf phpX.X-fpm && systemctl reload apache2 " for the different versions of PHP that were installed, thereby putting me back inline with the tutorial.

However, in the process of hardening my shell, I discovered a different issue with PHP. In the tutorial there is the optional instruction to install memcache:



The error being generated after " php -v " being executed:

Code:

root@server1:/tmp# php -v
PHP Warning:  PHP Startup: Unable to load dynamic library 'memcache.so' (tried: /usr/lib/php/20180731/memcache.so (/usr/lib/php/20180731/memcache.so: cannot open shared object file: No such file or directory), /usr/lib/php/20180731/memcache.so.so (/usr/lib/php/20180731/memcache.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0
PHP 7.3.27-9+0~20210227.82+debian10~1.gbpa4a3d6 (cli) (built: Feb 27 2021 15:50:50) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.3.27, Copyright (c) 1998-2018 Zend Technologies
    with Zend OPcache v7.3.27-9+0~20210227.82+debian10~1.gbpa4a3d6, Copyright (c) 1999-2018, by Zend Technologies

My " #php --ini " output is:

Code:

root@server1:/tmp# php --ini
PHP Warning:  PHP Startup: Unable to load dynamic library 'memcache.so' (tried: /usr/lib/php/20180731/memcache.so (/usr/lib/php/20180731/memcache.so: cannot open shared object file: No such file or directory), /usr/lib/php/20180731/memcache.so.so (/usr/lib/php/20180731/memcache.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0
Configuration File (php.ini) Path: /etc/php/7.3/cli
Loaded Configuration File:         /etc/php/7.3/cli/php.ini
Scan for additional .ini files in: /etc/php/7.3/cli/conf.d
Additional .ini files parsed:      /etc/php/7.3/cli/conf.d/10-mysqlnd.ini,
/etc/php/7.3/cli/conf.d/10-opcache.ini,
/etc/php/7.3/cli/conf.d/10-pdo.ini,
/etc/php/7.3/cli/conf.d/15-xml.ini,
/etc/php/7.3/cli/conf.d/20-calendar.ini,
/etc/php/7.3/cli/conf.d/20-ctype.ini,
/etc/php/7.3/cli/conf.d/20-curl.ini,
/etc/php/7.3/cli/conf.d/20-dom.ini,
/etc/php/7.3/cli/conf.d/20-exif.ini,
/etc/php/7.3/cli/conf.d/20-fileinfo.ini,
/etc/php/7.3/cli/conf.d/20-ftp.ini,
/etc/php/7.3/cli/conf.d/20-gd.ini,
/etc/php/7.3/cli/conf.d/20-gettext.ini,
/etc/php/7.3/cli/conf.d/20-iconv.ini,
/etc/php/7.3/cli/conf.d/20-imagick.ini,
/etc/php/7.3/cli/conf.d/20-imap.ini,
/etc/php/7.3/cli/conf.d/20-intl.ini,
/etc/php/7.3/cli/conf.d/20-json.ini,
/etc/php/7.3/cli/conf.d/20-mbstring.ini,
/etc/php/7.3/cli/conf.d/20-memcache.ini,
/etc/php/7.3/cli/conf.d/20-mysqli.ini,
/etc/php/7.3/cli/conf.d/20-pdo_mysql.ini,
/etc/php/7.3/cli/conf.d/20-pdo_sqlite.ini,
/etc/php/7.3/cli/conf.d/20-phar.ini,
/etc/php/7.3/cli/conf.d/20-posix.ini,
/etc/php/7.3/cli/conf.d/20-pspell.ini,
/etc/php/7.3/cli/conf.d/20-readline.ini,
/etc/php/7.3/cli/conf.d/20-recode.ini,
/etc/php/7.3/cli/conf.d/20-shmop.ini,
/etc/php/7.3/cli/conf.d/20-simplexml.ini,
/etc/php/7.3/cli/conf.d/20-soap.ini,
/etc/php/7.3/cli/conf.d/20-sockets.ini,
/etc/php/7.3/cli/conf.d/20-sqlite3.ini,
/etc/php/7.3/cli/conf.d/20-sysvmsg.ini,
/etc/php/7.3/cli/conf.d/20-sysvsem.ini,
/etc/php/7.3/cli/conf.d/20-sysvshm.ini,
/etc/php/7.3/cli/conf.d/20-tidy.ini,
/etc/php/7.3/cli/conf.d/20-tokenizer.ini,
/etc/php/7.3/cli/conf.d/20-wddx.ini,
/etc/php/7.3/cli/conf.d/20-xmlreader.ini,
/etc/php/7.3/cli/conf.d/20-xmlrpc.ini,
/etc/php/7.3/cli/conf.d/20-xmlwriter.ini,
/etc/php/7.3/cli/conf.d/20-xsl.ini,
/etc/php/7.3/cli/conf.d/20-zip.ini,
/etc/php/7.3/cli/conf.d/30-inotify.ini

And inside of /etc/php/7.3/cli/php.ini I have added " ;extension=memcache.so ". I have tried it hashed and not hashed, but always get the same error.

Searching has turned up nothing useful... any tips?