Hey there, My ISPConfig was working perfectly, but now when I try to access the admin panel at: https mydomain at 8080 The admin interface won’t load, and I can’t access anything on the server anymore, including the ISPConfig admin, websites, SSH, email, etc. It feels like I’m getting blocked by the firewall. After some time, access is restored automatically. I suspect the issue might be related to an expired SSL certificate. I tried forcing an update on ISPConfig by running: Code: ispconfig_update.sh --force I requested the creation of a new SSL certificate, and everything seemed to go smoothly. However, I’m still facing the same issue when trying to access the admin panel. Does anyone know what might be going on? Thanks!
This is not related to an expired SSL certificate. When an SSL certificate expires, you get an expired SSL certificate error message in the browser, which you can skip easily. Access is never blocked, especially not for other services. It might be that you get blocked b< Fail2ban, check fail2ban.log to see if your IP appears there.
Thanks so much for your response, till! I’m getting the browser error saying the SSL certificate is invalid, but I can’t say for sure that this is what’s causing the block. I was thinking maybe it’s a common issue related to some security feature handled by ISPConfig. I’ll look into how Fail2Ban works and see if I can sort out the problem. I’ll post an update if I find anything.
I still have no clue about the exact cause of the problem, but I'm fairly certain it's related to the SSL certificate. Whenever I try to connect remotely using: Code: openssl s_client -connect server.mydomain.com:8080 my connection gets blocked. However, when I run the same command locally on the server, it works fine. I've already tried disabling Fail2Ban with: Code: systemctl stop fail2ban but the block keeps happening regardless. I’ve gone through all the logs with recent changes in /var/log, but none of them show anything related to the connection being blocked Any ideas on what else might be causing this?
Taleman, thanks for pointing me to your Fail2Ban tutorial — I learned a lot from it! It turns out the issue is actually related to the SSL certificate. For some reason, when trying to connect to the server to validate the certificate, the handshake is interrupted, which is why the ISPConfig admin panel isn’t loading. The problem doesn’t seem to be with ISPConfig or the 'Perfect Server' setup. So, I think this thread doesn’t really apply here and can be deleted. Thanks again for your help! I’ll keep investigating the SSL issue on my end.
Two years ago I bought an SSL certificate from Thawte, which I used to secure my Plesk installation on server.domain.com. Now that the two years are over, I got a message in my browser that Plesk is not longer secure, so I wanted to replace it with a common Let's Encrypt certificate. I removed the Thawte from the list of certificates, got a wildcard certificate for domain.com and went over to Settings > SSL certificate to select 'Let's Encrypt domain.com' as the certificate for securing Plesk. This is accepted, yet my browser apparently insists on using the Thawte certificate, telling me it is insecure. I have tried reloading nginx / Apache, thinking it would reload settings, but to no avail. What can I do to force the new (valid) certificate?
What Plesk has got anything to do with ISPConfig? ISPConfig does not support wildcard certificate out of box yet though one may use it at one's own "costs" and there are already several threads discussed on how to achieve that on an ISPConfig server.
Sounds frustrating! Have you checked if any recent updates or changes could’ve impacted your firewall settings?