Well, I've gone around in circles for a week now and still can't get my head around what to do. I have at home a Dell server with Ubuntu 22.04 and the latest ISPConfig installed. I have 4 websites that are currently hosted on Bluehost servers that I want to move to my home Dell server. I did a practice run with a spare registered domain (allpots.com). I made new custom nameservers ns1.allpots.com, ns2.allpots.com, and made an allpots.com website in ISPConfig, which I couldn't get working. I'm sure I did all the correct configurations in ISPConfig like client, website, dns, etc. Rather than rambling on I will list my most important questions of where I think the problem is:
1: I think I need to generate an IP address in Ubuntu for each website? How can I do this?
2: In Ubuntu, how do I point/connect the new IP addresses to the domain names?
3: Should the new website IP addresses be created from the server's main private IP, or the server's public IP address? (A format example would be great.)
Hopefully I'm on the right track and thanks for any help!
Usually this is not needed. So do not do it. ISPConfig uses name-based resolution to point a URL to a website. Use * in all websites at the IP address setting. Are your server and name servers on your intranet, so there is NAT or similar between those and the public Internet? Your name servers indeed seem not to be working. My signature has a link to the DNS setup with ISPConfig tutorial.
Choose just * in website settings and not an IP. In general, the public IP is used in DNS and the private IP is used in the website when your system is behind a NAT router.
Thanks Taleman and Till,
1: I read somewhere that https websites need a unique IP address? My public IP address is 58.169.XX.XX, I can use this for all the websites? (the gateway IP 192.168.XX.XX is not used?)
2: Thanks
3: Sorry, I should have said in the original post that I just deleted the allpots website in ISPConfig as I had chopped and changed so much I thought it better to start afresh again ... I guess that's why the name servers are now not showing as working (they previously had 5 locations on the DNS check). A DNS check for allpots now shows the A record showing up on 3 locations.
So in summary, I use the server's public IP address in ISPConfig for all 4 websites
This was the case years ago but is not valid any more today. As mentioned, you select * in websites, and in DNS records, you choose the external IP of your router.
I started from scratch again and made up an allpots.com website, database, dns zone. I used the Namecheap domain basic nameservers. I still haven't managed to get the site to work. I ran a test script, of which most is a mystery for me, but I see at the top it says 'could not determine server's ip address by ifconfig'. I googled this and cleared the cache as advised, but no change. Hopefully you can pick something up from the test script, cheers.
Code:
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Ubuntu 22.04.1 LTS
    [INFO] uptime: 09:50:05 up 54 min, 1 user, load average: 0.04, 0.03, 0.05
    [INFO] memory:
    total used free shared buff/cache available
    Mem: 15Gi 1.8Gi 12Gi 64Mi 1.2Gi 13Gi
    Swap: 4.0Gi 0B 4.0Gi
    [INFO] systemd failed services status:
    UNIT LOAD ACTIVE SUB DESCRIPTION
    ● snap.lxd.activate.service loaded failed failed Service for snap application lxd.activate
    LOAD = Reflects whether the unit definition was properly loaded.
    ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
    SUB = The low-level unit activation state, values depend on unit type.
    1 loaded units listed.
    [INFO] ISPConfig is installed.
    ##### ISPCONFIG #####
    ISPConfig version is 3.2.9
    ##### VERSION CHECK #####
    [INFO] php (cli) version is 8.1.14
    [INFO] php-cgi (used for cgi php in default vhost!) is version 8.1.14
    ##### PORT CHECK #####
    ##### MAIL SERVER CHECK #####
    ##### RUNNING SERVER PROCESSES #####
    [INFO] I found the following web server(s):
    Apache 2 (PID 4651)
    [INFO] I found the following mail server(s):
    Postfix (PID 1925)
    [INFO] I found the following pop3 server(s):
    Dovecot (PID 1002)
    [INFO] I found the following imap server(s):
    Dovecot (PID 1002)
    [INFO] I found the following ftp server(s):
    PureFTP (PID 1723)
    ##### LISTENING PORTS #####
    (only () Local (Address)
    ***.***.***.***:53 (835/systemd-resolve)
    [localhost]:10023 (1429/postgrey)
    [localhost]:53 (1065/named)
    [localhost]:53 (1065/named)
    [localhost]:53 (1065/named)
    [localhost]:53 (1065/named)
    [localhost]:953 (1065/named)
    [localhost]:953 (1065/named)
    [localhost]:953 (1065/named)
    [localhost]:953 (1065/named)
    [localhost]:11334 (1088/rspamd:)
    [localhost]:11333 (1088/rspamd:)
    [localhost]:11332 (1088/rspamd:)
    [anywhere]:4190 (1002/dovecot)
    ***.***.***.***:53 (1065/named)
    ***.***.***.***:53 (1065/named)
    ***.***.***.***:53 (1065/named)
    ***.***.***.***:53 (1065/named)
    [localhost]:11211 (914/memcached)
    [anywhere]:3306 (981/mariadbd)
    [anywhere]:587 (1925/master)
    [anywhere]:993 (1002/dovecot)
    [anywhere]:995 (1002/dovecot)
    [anywhere]:143 (1002/dovecot)
    [anywhere]:110 (1002/dovecot)
    [anywhere]:25 (1925/master)
    [anywhere]:21 (1723/pure-ftpd)
    [anywhere]:22 (1079/sshd:)
    [anywhere]:465 (1925/master)
    [localhost]:6379 (925/redis-server)
    *:*:*:*::*:6379 (925/redis-server)
    *:*:*:*::*53 (1065/named)
    *:*:*:*::*53 (1065/named)
    *:*:*:*::*53 (1065/named)
    *:*:*:*::*53 (1065/named)
    *:*:*:*::*:8080 (4651/apache2)
    *:*:*:*::*:8081 (4651/apache2)
    *:*:*:*::*:4190 (1002/dovecot)
    *:*:*:*::*3617:ebff:feef:53 (1065/named)
    *:*:*:*::*3617:ebff:feef:53 (1065/named)
    *:*:*:*::*3617:ebff:feef:53 (1065/named)
    *:*:*:*::*3617:ebff:feef:53 (1065/named)
    *:*:*:*::*:3306 (981/mariadbd)
    *:*:*:*::*:953 (1065/named)
    *:*:*:*::*:953 (1065/named)
    *:*:*:*::*:953 (1065/named)
    *:*:*:*::*:953 (1065/named)
    *:*:*:*::*:587 (1925/master)
    *:*:*:*::*:993 (1002/dovecot)
    *:*:*:*::*:995 (1002/dovecot)
    [localhost]43 (1002/dovecot)
    *:*:*:*::*:80 (4651/apache2)
    [localhost]10 (1002/dovecot)
    *:*:*:*::*:25 (1925/master)
    *:*:*:*::*:21 (1723/pure-ftpd)
    *:*:*:*::*:22 (1079/sshd:)
    *:*:*:*::*:465 (1925/master)
    *:*:*:*::*:443 (4651/apache2)
    *:*:*:*::*:53 (1065/named)
    *:*:*:*::*:53 (1065/named)
    *:*:*:*::*:53 (1065/named)
    *:*:*:*::*:53 (1065/named)
    ##### IPTABLES #####
    Chain INPUT (policy DROP)
    target prot opt source destination
    ufw-before-logging-input all -- [anywhere]/0 [anywhere]/0
    ufw-before-input all -- [anywhere]/0 [anywhere]/0
    ufw-after-input all -- [anywhere]/0 [anywhere]/0
    ufw-after-logging-input all -- [anywhere]/0 [anywhere]/0
    ufw-reject-input all -- [anywhere]/0 [anywhere]/0
    ufw-track-input all -- [anywhere]/0 [anywhere]/0
    Chain FORWARD (policy DROP)
    target prot opt source destination
    ufw-before-logging-forward all -- [anywhere]/0 [anywhere]/0
    ufw-before-forward all -- [anywhere]/0 [anywhere]/0
    ufw-after-forward all -- [anywhere]/0 [anywhere]/0
    ufw-after-logging-forward all -- [anywhere]/0 [anywhere]/0
    ufw-reject-forward all -- [anywhere]/0 [anywhere]/0
    ufw-track-forward all -- [anywhere]/0 [anywhere]/0
    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    ufw-before-logging-output all -- [anywhere]/0 [anywhere]/0
    ufw-before-output all -- [anywhere]/0 [anywhere]/0
    ufw-after-output all -- [anywhere]/0 [anywhere]/0
    ufw-after-logging-output all -- [anywhere]/0 [anywhere]/0
    ufw-reject-output all -- [anywhere]/0 [anywhere]/0
    ufw-track-output all -- [anywhere]/0 [anywhere]/0
    Chain ufw-after-forward (1 references)
    target prot opt source destination
    Chain ufw-after-input (1 references)
    target prot opt source destination
    ufw-skip-to-policy-input udp -- [anywhere]/0 [anywhere]/0 udp dpt:137
    ufw-skip-to-policy-input udp -- [anywhere]/0 [anywhere]/0 udp dpt:138
    ufw-skip-to-policy-input tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:139
    ufw-skip-to-policy-input tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:445
    ufw-skip-to-policy-input udp -- [anywhere]/0 [anywhere]/0 udp dpt:67
    ufw-skip-to-policy-input udp -- [anywhere]/0 [anywhere]/0 udp dpt:68
    ufw-skip-to-policy-input all -- [anywhere]/0 [anywhere]/0 ADDRTYPE match dst-type BROADCAST
    Chain ufw-after-logging-forward (1 references)
    target prot opt source destination
    LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    Chain ufw-after-logging-input (1 references)
    target prot opt source destination
    LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    Chain ufw-after-logging-output (1 references)
    target prot opt source destination
    Chain ufw-after-output (1 references)
    target prot opt source destination
    Chain ufw-before-forward (1 references)
    target prot opt source destination
    ACCEPT all -- [anywhere]/0 [anywhere]/0 ctstate RELATED,ESTABLISHED
    ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 3
    ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 11
    ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 12
    ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 8
    ufw-user-forward all -- [anywhere]/0 [anywhere]/0
    Chain ufw-before-input (1 references)
    target prot opt source destination
    ACCEPT all -- [anywhere]/0 [anywhere]/0
    ACCEPT all -- [anywhere]/0 [anywhere]/0 ctstate RELATED,ESTABLISHED
    ufw-logging-deny all -- [anywhere]/0 [anywhere]/0 ctstate INVALID
    DROP all -- [anywhere]/0 [anywhere]/0 ctstate INVALID
    ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 3
    ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 11
    ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 12
    ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 8
    ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp spt:67 dpt:68
    ufw-not-local all -- [anywhere]/0 [anywhere]/0
    ACCEPT udp -- [anywhere]/0 ***.***.***.*** udp dpt:5353
    ACCEPT udp -- [anywhere]/0 ***.***.***.*** udp dpt:1900
    ufw-user-input all -- [anywhere]/0 [anywhere]/0
    Chain ufw-before-logging-forward (1 references)
    target prot opt source destination
    Chain ufw-before-logging-input (1 references)
    target prot opt source destination
    Chain ufw-before-logging-output (1 references)
    target prot opt source destination
    Chain ufw-before-output (1 references)
    target prot opt source destination
    ACCEPT all -- [anywhere]/0 [anywhere]/0
    ACCEPT all -- [anywhere]/0 [anywhere]/0 ctstate RELATED,ESTABLISHED
    ufw-user-output all -- [anywhere]/0 [anywhere]/0
    Chain ufw-logging-allow (0 references)
    target prot opt source destination
    LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "
    Chain ufw-logging-deny (2 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0 ctstate INVALID limit: avg 3/min burst 10
    LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    Chain ufw-not-local (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0 ADDRTYPE match dst-type LOCAL
    RETURN all -- [anywhere]/0 [anywhere]/0 ADDRTYPE match dst-type MULTICAST
    RETURN all -- [anywhere]/0 [anywhere]/0 ADDRTYPE match dst-type BROADCAST
    ufw-logging-deny all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 10
    DROP all -- [anywhere]/0 [anywhere]/0
    Chain ufw-reject-forward (1 references)
    target prot opt source destination
    Chain ufw-reject-input (1 references)
    target prot opt source destination
    Chain ufw-reject-output (1 references)
    target prot opt source destination
    Chain ufw-skip-to-policy-forward (0 references)
    target prot opt source destination
    DROP all -- [anywhere]/0 [anywhere]/0
    Chain ufw-skip-to-policy-input (7 references)
    target prot opt source destination
    DROP all -- [anywhere]/0 [anywhere]/0
    Chain ufw-skip-to-policy-output (0 references)
    target prot opt source destination
    ACCEPT all -- [anywhere]/0 [anywhere]/0
    Chain ufw-track-forward (1 references)
    target prot opt source destination
    Chain ufw-track-input (1 references)
    target prot opt source destination
    Chain ufw-track-output (1 references)
    target prot opt source destination
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 ctstate NEW
    ACCEPT udp -- [anywhere]/0 [anywhere]/0 ctstate NEW
    Chain ufw-user-forward (1 references)
    target prot opt source destination
    Chain ufw-user-input (1 references)
    target prot opt source destination
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:21
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:22
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:25
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:53
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:80
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:110
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:143
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:443
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:465
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:587
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:993
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:995
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:3306
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:4190
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:8080
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:8081
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 multiport dports 40110:40210
    ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:53
    Chain ufw-user-limit (0 references)
    target prot opt source destination
    LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
    REJECT all -- [anywhere]/0 [anywhere]/0 reject-with icmp-port-unreachable
    Chain ufw-user-limit-accept (0 references)
    target prot opt source destination
    ACCEPT all -- [anywhere]/0 [anywhere]/0
    Chain ufw-user-logging-forward (0 references)
    target prot opt source destination
    Chain ufw-user-logging-input (0 references)
    target prot opt source destination
    Chain ufw-user-logging-output (0 references)
    target prot opt source destination
    Chain ufw-user-output (1 references)
    target prot opt source destination
    ##### LET'S ENCRYPT #####
    acme.sh is installed in /root/.acme.sh/acme.sh
that'll be because of the A records at namecheap.... i know it says they're supposed to be created/active in around 30 minutes... i happened to be trying their basic dns on a domain yesterday and after several hours it still wouldn't resolve, even using nslookup directly against their own nameservers. i had set the ttl to 5 minutes... i then changed the ttl to automatic and the A records started resolving within minutes.. neither allpots.com nor www.allpots.com are resolving...
Code:
    nslookup allpots.com DNS1.REGISTRAR-SERVERS.COM
    Server: DNS1.REGISTRAR-SERVERS.COM
    Address: 156.154.132.200#53
    *** Can't find allpots.com: No answer
    nslookup www.allpots.com DNS1.REGISTRAR-SERVERS.COM
    Server: DNS1.REGISTRAR-SERVERS.COM
    Address: 156.154.132.200#53
    ** server can't find www.allpots.com: NXDOMAIN
so you're probably experiencing the same thing.. until dns is resolving, you're not going to be able to access a website by name, unless you add it to your local hosts file. letsencrypt certs will not work until dns is working.
In addition to what @nhybgtvfr posted above, do not create a DNS zone in ISPConfig if DNS is hosted externally (in your case at namecheap). A DNS zone has to be created only when you run your own name servers.
thanks nhybgtvfr, I suspect there is a server issue. There could also be a Namecheap nameserver issue also, as I'm running a home server I had to fill in the server name details, but I wasn't sure which IP address to enter, the server's local IP or the allpots website public address, any ideas?
thanks Till, all previously understood from previous comments but I was referring to Namecheap instructions on the server connection where they want the host name and ip address .... My knowledge on all this is about 2 weeks old, just trying to catch up with it all!
Namecheap = DNS, and I explained to you that you should use your public IP address for DNS. So, you use the public IP address at Namecheap.
Cheers, I had done that but was not sure if I had done the right thing .... did you see anything in the test script that needs attending to?
There is no issue on your server, according to the test script. As @nhybgtvfr pointed out, you cannot expect a website or Let's Encrypt SSL to work without resolving DNS records.
In #1 you wrote Yet you seem to be using Namecheap name servers. Which way are you trying to set up your system? Do not use both.
yep, I deleted everything and started from scratch again, in case I had put a wrong item somewhere. I found it odd that even after a few days I only had a few DNS sites propagated with the custom nameservers. I went back to Namecheap basic nameservers and made another website etc. and just had a few problems in the last hour or so, but with Till's and nhybgtvfr's help have it sorted. The last issue just fixed was in Namecheap's DNS where I put allpots in the host name instead of @, but the website has connected up now so that's great! Thanks to all!
I can see you are learning how to run your server from home, like me, since almost 20 years ago. Among the keys to running a "home server" properly are understanding your given IP, which is normally a dynamic public IP, and managing the router's settings, especially how to set a fixed local IP for your server and properly forward certain ports from it to your server. In my experience with dynamic IP, using a CNAME record with the dynamic DNS account to get to your home server is best, rather than setting an A record in the DNS server of your choice, though that is also possible, if automatic is supported, with a certain level of difficulty. So my guess is you haven't done the above properly, and if so, my advice is:
First, see if you have already created a dynamic DNS account, paid or free, and set it up in your router or server to automatically update your home dynamic IP. If you have not done it yet, you must do that first. Note this service is also provided by public DNS providers like CloudFlare or GoogleDNS, but I am not sure if Namecheap has this service available, though I think it should.
Secondly, set a fixed local IP for your server both in the router and in your server. Then forward all the relevant ports from the router to your server. Putting your server in the DMZ may also work, but I do not prefer it and it may not be safe.
Thirdly, if you did all of that properly, test whether your dynamic DNS account IP has properly resolved to your home dynamic IP. If not yet, just wait until it does.
Fourthly, test whether your dynamic IP account is properly set up and will update on an IP change by shutting down your router for at least 5 minutes and restarting it. If the dynamic IP, when changed, is properly updated and resolves back to your home router, then you are good to run your server properly from home.
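The DNS checks discussed in this thread (the two nslookup results quoted earlier, and the step of testing that the name resolves to the home connection's public IP), as an added example that is not part of any post. The function names, the 203.0.113.10 documentation address standing in for the router's public IP, and the two "answer" samples are assumptions made for illustration; the first two samples are the outputs quoted in the thread with line breaks restored.

```shell
#!/bin/sh
# Added example, not from the thread: classify nslookup output for an A record.

# Succeeds if $1 is a private, loopback or link-local IPv4 address.
is_private_ip() {
    case "$1" in
        10.*|192.168.*|127.*|169.254.*) return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
    esac
    return 1
}

# classify_lookup OUTPUT EXPECTED_PUBLIC_IP
# Prints NXDOMAIN, NODATA, PRIVATE_IP, MISMATCH or OK.
classify_lookup() {
    out=$1; expected=$2
    case "$out" in
        *NXDOMAIN*) echo NXDOMAIN; return ;;    # the name does not exist in the zone
        *"No answer"*) echo NODATA; return ;;   # the name exists but has no A record
    esac
    # Answer lines read "Address: a.b.c.d"; the queried server's own line carries "#53".
    answers=$(printf '%s\n' "$out" | awk '$1 == "Address:" && $2 !~ /[#:]/ { print $2 }')
    [ -n "$answers" ] || { echo NODATA; return; }
    result=MISMATCH
    for ip in $answers; do
        # A LAN address in public DNS is unreachable from outside the NAT router.
        if is_private_ip "$ip"; then echo PRIVATE_IP; return; fi
        if [ "$ip" = "$expected" ]; then result=OK; fi
    done
    echo "$result"
}

# Outputs quoted in the thread (line breaks restored).
NODATA_OUT="Server: DNS1.REGISTRAR-SERVERS.COM
Address: 156.154.132.200#53
*** Can't find allpots.com: No answer"
NXDOMAIN_OUT="Server: DNS1.REGISTRAR-SERVERS.COM
Address: 156.154.132.200#53
** server can't find www.allpots.com: NXDOMAIN"
# Constructed samples: a correct public A record and a LAN address entered by mistake.
GOOD_OUT="Server: DNS1.REGISTRAR-SERVERS.COM
Address: 156.154.132.200#53
Name: allpots.com
Address: 203.0.113.10"
LAN_OUT="Server: DNS1.REGISTRAR-SERVERS.COM
Address: 156.154.132.200#53
Name: allpots.com
Address: 192.168.1.50"

for sample in "$NODATA_OUT" "$NXDOMAIN_OUT" "$GOOD_OUT" "$LAN_OUT"; do
    classify_lookup "$sample" 203.0.113.10
done
```

Against a live zone, pass the real command output and your current public IP as the two arguments, for example `classify_lookup "$(nslookup allpots.com DNS1.REGISTRAR-SERVERS.COM)" <your-public-ip>`.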