no more access after update to ISPConfig 3.1.13

Discussion in 'Installation/Configuration' started by juliokr, Sep 13, 2018.

  1. juliokr

    juliokr New Member

    Hi I just updated to ISPConfig 3.1.13 running ispconfig_update.sh
    now can not open the panel and also all sites are down.
    I tried to restart Apache and I get this :
    Code:
    - Logs begin at Thu 2018-09-13 19:36:32 CEST, end at Thu 2018-09-13 20:16:02 CEST. -- Sep 13 20:16:01 server2 apache2[8708]: The Apache error log may have more information. Sep 13 20:16:01 server2 systemd[1]: apache2.service: control process exited, code=exitedSep 13 20:16:01 server2 systemd[1]: Failed to start LSB: Apache2 web server.
    
    | while read line; do echo `/bin/d
    
    [LIST]
    [*]--  Subject: Unit apache2.service has failed
    
    
    [*]--  Defined-By: systemd
    
    
    [*]--  Support: 
    
    
    [*]--  Unit apache2.service has failed. --
    
    
    [*]--  The result is failed.
    Sep 13 20:16:01 server2 systemd[1]: Sep 13 20:16:01 server2 CRON[8749]: Sep 13 20:16:01 server2 CRON[8748]: Sep 13 20:16:01 server2 CRON[8750]: Sep 13 20:16:01 server2 CRON[8751]: Sep 13 20:16:02 server2 CRON[8748]: Sep 13 20:16:02 server2 CRON[8749]:~
    
    ~
    lines 1-18/18 (END)
    [/LIST]
    Unit apache2.service entered failed state.
    
    pam_unix(cron:session): session opened for
    pam_unix(cron:session): session opened for
    (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/d pam_unix(cron:session): session closed for user root
    pam_unix(cron:session): session closed for user root
    
    Anybody an idea what I can do ?
     
    Last edited: Sep 13, 2018
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  3. juliokr

    juliokr New Member

    I'm running Debian 8
    Code:
    
    root@server2:~# php -q htf-common-issues.php --debug
    
    
    ##### SERVER #####
    
    IP-address (as per hostname): 94.177.241.183
    
    IP-address(es) (as per ifconfig): 94.177.241.183
    
    [INFO] ISPConfig is installed.
    
    
    ##### ISPCONFIG #####
    
    ISPConfig version is 3.1.13
    
    
    
    ##### VERSION CHECK #####
    
    
    [INFO] php (cli) version is 5.6.37-0+deb8u1
    
    [INFO] php-cgi (used for cgi php in default vhost!) is version 5.6.37-0+deb8u1
    
    
    ##### PORT CHECK #####
    
    
    [WARN] Port 8080 (ISPConfig) seems NOT to be listening
    
    [WARN] Port 8081 (ISPConfig Apps) seems NOT to be listening
    
    [WARN] Port 80 (Webserver) seems NOT to be listening
    
    [WARN] Port 443 (Webserver SSL) seems NOT to be listening
    
    [WARN] Port 465 (SMTP server SSL) seems NOT to be listening
    
    
    ##### MAIL SERVER CHECK #####
    
    
    [WARN] I found no "smtps" entry in your postfix master.cf
    
    [INFO] this is not critical, but if you want to offer SSL for smtp (not TLS) connections you have to enable this.
    
    
    ##### RUNNING SERVER PROCESSES #####
    
    
    [WARN] I could not determine which web server is running.
    
    [INFO] I found the following mail server(s):
    
        Postfix (PID 4097)
    
    [INFO] I found the following pop3 server(s):
    
        Dovecot (PID 3531)
    
    [INFO] I found the following imap server(s):
    
        Unknown process (init) (PID 1)
    
    [INFO] I found the following ftp server(s):
    
        PureFTP (PID 3911)
    
    
    ##### LISTENING PORTS #####
    
    (only        ()
    
    Local        (Address)
    
    0.0.0.0:995        (3531/dovecot)
    
    127.0.0.1:8997        (3484/php-fpm.conf))
    
    127.0.0.1:10023        (3785/postgrey.pid)
    
    127.0.0.1:10024        (4200/amavisd-new)
    
    127.0.0.1:10025        (4097/master)
    
    0.0.0.0:43785        (3450/rpc.statd)
    
    127.0.0.1:10026        (4200/amavisd-new)
    
    127.0.0.1:10027        (4097/master)
    
    0.0.0.0:587        (4097/master)
    
    127.0.0.1:11211        (3483/memcached)
    
    0.0.0.0:110        (3531/dovecot)
    
    0.0.0.0:143        (1/init)
    
    0.0.0.0:111        (3437/rpcbind)
    
    0.0.0.0:21        (3911/pure-ftpd)
    
    94.177.241.183:53        (3479/named)
    
    127.0.0.1:53        (3479/named)
    
    0.0.0.0:22        (6867/sshd)
    
    0.0.0.0:25        (4097/master)
    
    127.0.0.1:953        (3479/named)
    
    0.0.0.0:993        (1/init)
    
    :::995        (3531/dovecot)
    
    ::1:10023        (3785/postgrey.pid)
    
    ::1:10024        (4200/amavisd-new)
    
    ::1:10026        (4200/amavisd-new)
    
    :::3306        (3783/mysqld)
    
    :::587        (4097/master)
    
    :::110        (3531/dovecot)
    
    :::143        (1/init)
    
    :::111        (3437/rpcbind)
    
    :::51764        (3450/rpc.statd)
    
    :::21        (3911/pure-ftpd)
    
    :::53        (3479/named)
    
    :::22        (6867/sshd)
    
    :::25        (4097/master)
    
    ::1:953        (3479/named)
    
    :::993        (1/init)
    
    
    
    
    
    ##### IPTABLES #####
    
    Chain INPUT (policy ACCEPT)
    
    target     prot opt source               destination        
    
    fail2ban-postfix-sasl  tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 25
    
    fail2ban-dovecot-pop3imap  tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 110,995,143,993
    
    fail2ban-pureftpd  tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 21
    
    fail2ban-ssh  tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 22
    
    
    Chain FORWARD (policy ACCEPT)
    
    target     prot opt source               destination        
    
    
    Chain OUTPUT (policy ACCEPT)
    
    target     prot opt source               destination        
    
    
    Chain fail2ban-dovecot-pop3imap (1 references)
    
    target     prot opt source               destination        
    
    RETURN     all  --  0.0.0.0/0            0.0.0.0/0          
    
    
    Chain fail2ban-postfix-sasl (1 references)
    
    target     prot opt source               destination        
    
    REJECT     all  --  181.214.206.181      0.0.0.0/0            reject-with icmp-port-unreachable
    
    REJECT     all  --  181.214.206.102      0.0.0.0/0            reject-with icmp-port-unreachable
    
    RETURN     all  --  0.0.0.0/0            0.0.0.0/0          
    
    
    Chain fail2ban-pureftpd (1 references)
    
    target     prot opt source               destination        
    
    RETURN     all  --  0.0.0.0/0            0.0.0.0/0          
    
    
    Chain fail2ban-ssh (1 references)
    
    target     prot opt source               destination        
    
    RETURN     all  --  0.0.0.0/0            0.0.0.0/0          
    
    
    
    when I start Apache I get
    Code:
    root@server2:~# systemctl start apache2
    
    Job for apache2.service failed. See 'systemctl status apache2.service' and 'journalctl -xn' for details.
    
    systemctl status apache2.service
    Code:
     apache2.service - LSB: Apache2 web server
    
       Loaded: loaded (/etc/init.d/apache2)
    
      Drop-In: /lib/systemd/system/apache2.service.d
    
              └─forking.conf
    
       Active: failed (Result: exit-code) since Fri 2018-09-14 00:51:35 CEST; 2min 37s ago
    
      Process: 4324 ExecStart=/etc/init.d/apache2 start (code=exited, status=1/FAILURE)
    
    
    Sep 14 00:51:35 server2 apache2[4324]: The apache2 configtest failed. ... (...).
    
    Sep 14 00:51:35 server2 apache2[4324]: Output of config test was:
    
    Sep 14 00:51:35 server2 apache2[4324]: AH00548: NameVirtualHost has no effe...73
    
    Sep 14 00:51:35 server2 apache2[4324]: AH00526: Syntax error on line 6 of /...t:
    
    Sep 14 00:51:35 server2 apache2[4324]: Port must be specified
    
    Sep 14 00:51:35 server2 apache2[4324]: Action 'configtest' failed.
    
    Sep 14 00:51:35 server2 apache2[4324]: The Apache error log may have more i...n.
    
    Sep 14 00:51:35 server2 systemd[1]: apache2.service: control process exited...=1
    
    Sep 14 00:51:35 server2 systemd[1]: Failed to start LSB: Apache2 web server.
    
    Sep 14 00:51:35 server2 systemd[1]: Unit apache2.service entered failed state.
    
    Hint: Some lines were ellipsized, use -l to show in full.
    
     
    Last edited: Sep 14, 2018
  4. florian030

    florian030 Well-Known Member HowtoForge Supporter

    check "AH00526: Syntax error on line 6 of /...t:" (whatever the file is). You can also check the apache error-log
     
  5. juliokr

    juliokr New Member

    Thank you for the answer
    when I type the command
    Code:
    /var/log/apache2/error.log
    
    I get
    Code:
    -bash: /var/log/apache2/error.log: Permission denied
    
    Sorry my kownledge of server and ssh commands are very limited.I just followed this tutorial when I installed my VPS serveur 2 years ago and never had problems with updates before. Unfortunately this was the first time that I didn't make a backup before updating
     
  6. juliokr

    juliokr New Member

    Still didn't find any solution but more details seems to be here.
    Code:
    -- Logs begin at Sat 2018-09-15 05:21:48 CEST, end at Sat 2018-09-15 11:23:13 CEST. --
    
    Sep 15 11:23:13 server2 apache2[30692]: The apache2 configtest failed. ... (warning).
    
    Sep 15 11:23:13 server2 apache2[30692]: Output of config test was:
    
    Sep 15 11:23:13 server2 apache2[30692]: AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled
    
    Sep 15 11:23:13 server2 apache2[30692]: AH00526: Syntax error on line 6 of /etc/apache2/sites-enabled/000-ispconfig.vhost:
    
    Sep 15 11:23:13 server2 apache2[30692]: Port must be specified
    
    Sep 15 11:23:13 server2 apache2[30692]: Action 'configtest' failed.
    
    Sep 15 11:23:13 server2 apache2[30692]: The Apache error log may have more information.
    
    Sep 15 11:23:13 server2 systemd[1]: apache2.service: control process exited, code=exited status=1
    
    Sep 15 11:23:13 server2 systemd[1]: Failed to start LSB: Apache2 web server.
    
    -- Subject: Unit apache2.service has failed
    
    -- Defined-By: systemd
    
    -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
    
    --
    
    -- Unit apache2.service has failed.
    
    --
    
    -- The result is failed.
    
    Sep 15 11:23:13 server2 systemd[1]: Unit apache2.service entered failed state.
    
    Anybody an idea what I can do ? Is it possible to re-install apache maybe ?
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    Please post line 6 of the file /etc/apache2/sites-enabled/000-ispconfig.vhost. Seems as if you might specify no ispconfig port there.
     
  8. juliokr

    juliokr New Member

    Thanks for the reply
    problem when I type the command line
    Code:
    /etc/apache2/sites-enabled/000-ispconfig.vhost
    
    I get
    Code:
    -bash: /etc/apache2/sites-enabled/000-ispconfig.vhost: Permission denied
    
     
  9. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  10. juliokr

    juliokr New Member

    Thanks for the answer it's true I nearly know nothing about linux.
    and
    Code:
    head /etc/apache2/sites-enabled/000-ispconfig.vhost
    
    says
    Code:
    root@server2:~# head /etc/apache2/sites-enabled/000-ispconfig.vhost
    
    ######################################################
    
    # This virtual host contains the configuration
    
    # for the ISPConfig controlpanel
    
    ######################################################
    
    
     Listen yes
    
    NameVirtualHost *:yes
    
    
    <VirtualHost _default_:yes>
    
      ServerAdmin webmaster@localhost
    
    what does this mean ?
     
  11. till

    till Super Moderator Staff Member ISPConfig Developer

    This means that the ISPConfig installer asked you for the port of the ISPConfig vhost (he suggested to enter 8080) and you entered the word 'yes' instead. Change the word 'yes' in these lines to '8080':

    Code:
     Listen yes
    NameVirtualHost *:yes
    <VirtualHost _default_:yes>
     
  12. juliokr

    juliokr New Member

    OK thanks for the answer I understand know what happened seems that I made the mistake during the update to ISPConfig 3.1.13
    But I still have the problem when I type
    Code:
    /etc/apache2/sites-enabled/000-ispconfig.vhost
    as root user I get
    Code:
    -bash: /etc/apache2/sites-enabled/000-ispconfig.vhost: Permission denied
    is this normal ?
    So I'm not able to change it
     
  13. till

    till Super Moderator Staff Member ISPConfig Developer

    This /etc/apache2/sites-enabled/000-ispconfig.vhost is a file and not a Linux program or script, you can not execute a file on Linux. To edit a file, use an editor, e.g. nano:

    nano /etc/apache2/sites-enabled/000-ispconfig.vhost
     
  14. juliokr

    juliokr New Member

    Thanks a lot. I made the changes but still can not restart apache :
    the complete /etc/apache2/sites-enabled/000-ispconfig.vhost is now like this
    Code:
    ######################################################
    # This virtual host contains the configuration
    # for the ISPConfig controlpanel
    ######################################################
    
     Listen yes
    NameVirtualHost *:8080
    
    <VirtualHost _default_:8080>
      ServerAdmin webmaster@localhost
    
      <Directory /var/www/ispconfig/>
        <FilesMatch "\.ph(p3?|tml)$">
          SetHandler None
        </FilesMatch>
      </Directory>
      <Directory /usr/local/ispconfig/interface/web/>
        <FilesMatch "\.ph(p3?|tml)$">
          SetHandler None
        </FilesMatch>
      </Directory>
    
      <IfModule mod_fcgid.c>
        DocumentRoot /var/www/ispconfig/
        SuexecUserGroup ispconfig ispconfig
        <Directory /var/www/ispconfig/>
          Options -Indexes +FollowSymLinks +MultiViews +ExecCGI
          AllowOverride AuthConfig Indexes Limit Options FileInfo
          <FilesMatch "\.php$">
            SetHandler fcgid-script
          </FilesMatch>
          FCGIWrapper /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter .php
                Require all granted
              </Directory>
        IPCCommTimeout  7200
        MaxRequestLen 15728640
      </IfModule>
    
      <IfModule mpm_itk_module>
        DocumentRoot /usr/local/ispconfig/interface/web/
        AssignUserId ispconfig ispconfig
        AddType application/x-httpd-php .php
        <Directory /usr/local/ispconfig/interface/web>
          # php_admin_value open_basedir "/usr/local/ispconfig/interface:/usr/share:/tmp"
          Options +FollowSymLinks
          AllowOverride None
                Require all granted
                php_value magic_quotes_gpc        0
        </Directory>
      </IfModule>
    
      # ErrorLog /var/log/apache2/error.log
      # CustomLog /var/log/apache2/access.log combined
      ServerSignature Off
    
      <IfModule mod_security2.c>
        SecRuleEngine Off
      </IfModule>
    
      # SSL Configuration
      SSLEngine On
        SSLProtocol All -SSLv3
        SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
      SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key
      #SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle
    
      SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-$
      SSLHonorCipherOrder On
    
      <IfModule mod_headers.c>
        Header always add Strict-Transport-Security "max-age=15768000"
            RequestHeader unset Proxy early
      </IfModule>
    SSLUseStapling On
      SSLStaplingResponderTimeout 5
      SSLStaplingReturnResponderErrors Off
      </VirtualHost>
    
    <IfModule mod_ssl.c>
      SSLStaplingCache shmcb:/var/run/ocsp(128000)
    </IfModule>
    
    <Directory /var/www/php-cgi-scripts>
      AllowOverride None
        Require all denied
      </Directory>
    
    <Directory /var/www/php-fcgi-scripts>
      AllowOverride None
        Require all denied
      </Directory>
    
    But I have still

    Code:
    root@server2:~# wget -q -O htf-common-issues.php "http://gitplace.net/pixcept/ispconfig-tools/raw/stable/htf-common-issues.php" && php -q htf-common-issues.php
    
    
    ##### SCRIPT FINISHED #####
    
    Results can be found in htf_report.txt
    
    To view results use your favourite text editor or type 'cat htf_report.txt | more' on the server console.
    
    
    If you want to see the non-anonymized output start the script with --debug as parameter (php -q htf-common-issues.php --debug).
    
    
    root@server2:~# 
    
    root@server2:~# cat htf_report.txt | more
    
    
    ##### SERVER #####
    
    IP-address (as per hostname): ***.***.***.***
    
    IP-address(es) (as per ifconfig): ***.***.***.***
    
    [INFO] ISPConfig is installed.
    
    
    ##### ISPCONFIG #####
    
    ISPConfig version is 3.1.13
    
    
    
    ##### VERSION CHECK #####
    
    
    [INFO] php (cli) version is 5.6.37-0+deb8u1
    
    [INFO] php-cgi (used for cgi php in default vhost!) is version 5.6.37-0+deb8u1
    
    
    ##### PORT CHECK #####
    
    
    [WARN] Port 8080 (ISPConfig) seems NOT to be listening
    
    [WARN] Port 8081 (ISPConfig Apps) seems NOT to be listening
    
    [WARN] Port 80 (Webserver) seems NOT to be listening
    
    [WARN] Port 443 (Webserver SSL) seems NOT to be listening
    
    [WARN] Port 465 (SMTP server SSL) seems NOT to be listening
    
    
    ##### MAIL SERVER CHECK #####
    
    
    [WARN] I found no "smtps" entry in your postfix master.cf
    
    [INFO] this is not critical, but if you want to offer SSL for smtp (not TLS) connections you have to enable this.
    
    
    ##### RUNNING SERVER PROCESSES #####
    
    
    [WARN] I could not determine which web server is running.
    
    [INFO] I found the following mail server(s):
    
        Postfix (PID 4101)
    
    [INFO] I found the following pop3 server(s):
    
        Dovecot (PID 3545)
    
    [INFO] I found the following imap server(s):
    
        Unknown process (init) (PID 1)
    
    [INFO] I found the following ftp server(s):
    
        PureFTP (PID 3916)
    
    
    ##### LISTENING PORTS #####
    
    (only        ()
    
    Local        (Address)
    
    [anywhere]:995        (3545/dovecot)
    
    [anywhere]:58628        (3454/rpc.statd)
    
    [localhost]:8997        (3488/php-fpm.conf))
    
    [localhost]:10023        (3789/postgrey.pid)
    
    [localhost]:10024        (4226/amavisd-new)
    
    [localhost]:10025        (4101/master)
    
    [localhost]:10026        (4226/amavisd-new)
    
    [localhost]:10027        (4101/master)
    
    [anywhere]:587        (4101/master)
    
    [localhost]:11211        (3485/memcached)
    
    [anywhere]:110        (3545/dovecot)
    
    [anywhere]:143        (1/init)
    
    [anywhere]:111        (3439/rpcbind)
    
    [anywhere]:21        (3916/pure-ftpd)
    
    ***.***.***.***:53        (3481/named)
    
    [localhost]:53        (3481/named)
    
    [anywhere]:22        (3617/sshd)
    
    [anywhere]:25        (4101/master)
    
    [localhost]:953        (3481/named)
    
    [anywhere]:993        (1/init)
    
    *:*:*:*::*:995        (3545/dovecot)
    
    *:*:*:*::*:10023        (3789/postgrey.pid)
    
    *:*:*:*::*:10024        (4226/amavisd-new)
    
    *:*:*:*::*:10026        (4226/amavisd-new)
    
    *:*:*:*::*:3306        (3787/mysqld)
    
    *:*:*:*::*:587        (4101/master)
    
    [localhost]10        (3545/dovecot)
    
    [localhost]43        (1/init)
    
    [localhost]11        (3439/rpcbind)
    
    *:*:*:*::*:49745        (3454/rpc.statd)
    
    *:*:*:*::*:21        (3916/pure-ftpd)
    
    *:*:*:*::*:53        (3481/named)
    
    *:*:*:*::*:22        (3617/sshd)
    
    *:*:*:*::*:25        (4101/master)
    
    *:*:*:*::*:953        (3481/named)
    
    *:*:*:*::*:993        (1/init)
    
    
    
    
    
    ##### IPTABLES #####
    
    Chain INPUT (policy ACCEPT)
    
    target     prot opt source               destination         
    
    fail2ban-postfix-sasl  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 25
    
    fail2ban-dovecot-pop3imap  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 110,995,143,993
    
    fail2ban-pureftpd  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 21
    
    fail2ban-ssh  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 22
    
    
    Chain FORWARD (policy ACCEPT)
    
    target     prot opt source               destination         
    
    
    Chain OUTPUT (policy ACCEPT)
    
    target     prot opt source               destination         
    
    
    Chain fail2ban-dovecot-pop3imap (1 references)
    
    target     prot opt source               destination         
    
    RETURN     all  --  [anywhere]/0            [anywhere]/0           
    
    
    Chain fail2ban-postfix-sasl (1 references)
    
    target     prot opt source               destination         
    
    RETURN     all  --  [anywhere]/0            [anywhere]/0           
    
    
    Chain fail2ban-pureftpd (1 references)
    
    target     prot opt source               destination         
    
    RETURN     all  --  [anywhere]/0            [anywhere]/0           
    
    
    Chain fail2ban-ssh (1 references)
    
    target     prot opt source               destination         
    
    REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachable
    
    RETURN     all  --  [anywhere]/0            [anywhere]/0           
    
    
     
  15. till

    till Super Moderator Staff Member ISPConfig Developer

    you missed the yes in the listen line.
     
  16. juliokr

    juliokr New Member

    I'm too blind ! Thank you very much it works now
     

Share This Page