Excuse me, sir. Your PHP is showing.

Discussion in 'Installation/Configuration' started by tgansert, May 20, 2006.

  1. tgansert

    tgansert New Member

    When I go to https://vhost.vdomain.tld, I see actual PHP code. mod_php is loaded in apache-ssl via 'apache-modconf apache-ssl enable mod_php'. This is confirmed in dpkg-reconfigure apache-ssl. I cannot confirm it any other way.

    Is this apache-ssl being driven from another conf file?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    If you have ISPConfig installed, just check the php checkbox for the website in ISPConfig and the vhost is configured for PHP with and without SSL. SSL is only configured, yif you checked the SSL checkbox for the website and created an SSL certificate on the options tab.
     
  3. tgansert

    tgansert New Member

    Both PHP and SSL are checked off.
     
  4. falko

    falko Super Moderator Howtoforge Staff

    You mean they are enabled?
    Which distribution do you use?
     
  5. tgansert

    tgansert New Member

    Yes, both SSL & PHP are enabled (default for every vhost/vdom).

    Distros:
    Apache/1.3.34 (Debian)
    PHP/4.4.2-1
    mod_ssl/2.8.25
    OpenSSL/0.9.8a
    MySQL/5.0.16
    ISPConfig/2.2.2
     
  6. falko

    falko Super Moderator Howtoforge Staff

  7. tgansert

    tgansert New Member

    I've removed the apache-ssl server, but only get a 404 error when I browse to the site over SSL. Where are the SSL logs? /var/log/apache-ssl/ and some manual logs I have set up report nothing.
     
  8. falko

    falko Super Moderator Howtoforge Staff

    Is it the ISPConfig 404 page, or the standard Apache 404 page?
    The error log should be in /var/log/apache or /var/log/apache2 or similar.
     
  9. tgansert

    tgansert New Member

    The error I received is 'Connection Refused'. Funny how it took downloading Mozilla to get the proper error. IE7 and FireFox both gave me cute and cuddly apologies that didn't tell me anything about why the site failed to return any response.

    As far as logs are concerned, during a time when the webserver never gets hit, in the /var/log/ directory I did a du -a > ../du1 then refreshed the page about 50 times, then did a du -a > ../du2. After that I did vimdiff du1 du2 and I could see a summary of all files that had been changed between the two du -a commands (about a 5 minute span). I saw some changes in syslog and mail, but all of the changes I saw were not related to Apache, SSL, or ISPConfig.
     
  10. falko

    falko Super Moderator Howtoforge Staff

    Ok, that's not a 404 error.
    What's the output of
    Code:
    netstat -tap
    and
    Code:
    iptables -L
    ?
     
  11. tgansert

    tgansert New Member

    netstat -tap
    Code:
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 *:pop3s                 *:*                     LISTEN     1202/inetd
    tcp        0      0 *:swat                  *:*                     LISTEN     1202/inetd
    tcp        0      0 *:902                   *:*                     LISTEN     1567/rpc.statd
    tcp        0      0 localhost:mysql         *:*                     LISTEN     27459/mysqld
    tcp        0      0 *:netbios-ssn           *:*                     LISTEN     1402/smbd
    tcp        0      0 *:pop3                  *:*                     LISTEN     1202/inetd
    tcp        0      0 localhost:spamd         *:*                     LISTEN     8098/spamd.pid
    tcp        0      0 *:imap2                 *:*                     LISTEN     1202/inetd
    tcp        0      0 *:sunrpc                *:*                     LISTEN     902/portmap
    tcp        0      0 *:www                   *:*                     LISTEN     27508/apache
    tcp        0      0 *:81                    *:*                     LISTEN     22638/ispconfig_htt
    tcp        0      0 *:ftp                   *:*                     LISTEN     20987/proftpd: (acc
    tcp        0      0 actualhost.actualdomain.tld:domain *:*                     LISTEN     1119/named
    tcp        0      0 localhost:domain        *:*                     LISTEN     1119/named
    tcp        0      0 actualhost.actualdomain.tld:ssh *:*                     LISTEN     7553/sshd
    tcp        0      0 *:smtp                  *:*                     LISTEN     20860/master
    tcp        0      0 localhost:891           *:*                     LISTEN     1563/famd
    tcp        0      0 *:microsoft-ds          *:*                     LISTEN     1402/smbd
    tcp        0    240 actualhost.actualdomain.tld:ssh chl-lclnscvi.sjco:15970 ESTABLISHED15444/sshd: tganser
    tcp        0  27740 actualhost.actualdomain.tld:www 71.225.188.13:3646      ESTABLISHED21086/apache
    tcp        0  42108 actualhost.actualdomain.tld:www h-68-165-25-218.ph:4836 ESTABLISHED21106/apache
    tcp        0  14520 actualhost.actualdomain.tld:www h-68-165-25-218.ph:4829 ESTABLISHED20944/apache
    tcp        0  24684 actualhost.actualdomain.tld:www h-68-165-25-218.ph:1180 ESTABLISHED20946/apache
    tcp        0  20318 actualhost.actualdomain.tld:www h-68-165-25-218.ph:1179 ESTABLISHED20945/apache
    tcp        0      0 actualhost.actualdomain.tld:www pool-64-222-36-49:50444 ESTABLISHED21701/apache
    tcp        0      0 actualhost.actualdomain.tld:www pool-64-222-36-49:50454 ESTABLISHED21709/apache
    
    iptables -L
    Code:
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    
     
  12. falko

    falko Super Moderator Howtoforge Staff

    Ok, your Apache isn't listening on port 443. Please add
    Code:
    Listen 443 
    to its configuration and restart it.
     
  13. tgansert

    tgansert New Member

    I added that and it no longer served over port 80.. Here's is what my webserver serves:

    actualhost.actualdomain.tld - 80 - forums
    actualhost.actualdomain.tld - 81 - ispconfig
    virtualhost1.virtualdomain.tld - 80 - redirect to same host port 81
    virtualhost1.virtualdomain.tld - 81 - ispconfig webmail

    What I need now is to serve:
    actualhost.actualdomain.tld - 80 - forums
    actualhost.actualdomain.tld - 81 - ispconfig
    virtualhost1.virtualdomain.tld - 80 - redirect to same host port 443
    virtualhost1.virtualdomain.tld - 443 - ispconfig webmail
    virtualhost2.virtualdomain.tld - 80 - redirect to same host port 443
    virtualhost2.virtualdomain.tld - 443 - ispconfig webmail
    ...and so on...

    Now, I tried your change in both /etc/apache/httpd.conf and /root/ispconfig/httpd/conf/httpd.conf (*restarting the server afterwards) and neither had the intended effect. Also, I could not determine what the latter path's configuration file was intended to affect. I checked both the actual and virtual URL's, then checked ISPConfig and neither was following the directive.. What does ISPConfig's httpd server serve?
     
  14. tgansert

    tgansert New Member

    This looks odd to me as well.. Never said this before:

    Code:
    Shutting down ISPConfig system...
    [B]/root/ispconfig/httpd/bin/apachectl stop: httpd (no pid file) not running[/B]
    ISPConfig system stopped!
    Starting ISPConfig system...
    /root/ispconfig/httpd/bin/apachectl startssl: httpd started
    ISPConfig system is now up and running!
     
  15. till

    till Super Moderator Staff Member ISPConfig Developer

    The ISPConfig interface.

    Dont change anything in the ISPConfig httpd setup if you dont know exactly what you are doing.
     
  16. tgansert

    tgansert New Member

    How can I acheive this? I can't seem to get SSL to work at all..
     
  17. falko

    falko Super Moderator Howtoforge Staff

    Have a look at the Apache configuration section in the appropriate tutorial on HowtoForge.
     

Share This Page