Did you install ISPConfig on a clean and empty server, with no web server or other app running there? Were you able to access ISPConfig on this server before, at the time you installed it? You can do that, but I doubt it will help you as your problem is not lack of RAM at the moment.
which I fully agree on. I was just thinking to prevent dieing mysql or clamav while running the server until the upgrade. It won't fix the configuration issue I assumed, true.
yes, installed on a fresh instances of vultr using their debian. it was a clean slate. i started this instance 8 months ago it was indeed a perfect server .. just LE was not configured correctly. you were bang on the stopping clamav, rspamd and redis, i stopped and restarted but did not help
Ok, so it worked fine until you cahnged something on the system recently. So what did you do? According to the output that you get, you somehow reconfigured Apache to map codeigniter to port 8080 instead of ISPConfig, and that's what you must undo to fix your problem.
leaves me puzzled, bang on and it did not solve =) stopping is not enough if you do a reboot afterwards ( disable, mask, comment out in configuration) ? If this is a fresh setup, any chance you have /var/log/ispconfig_install.log still?
i did not do anything different. the codeigniter output is from sub domain billing.example.com:80 which is picked up by default, server1.example.com:80 both are having same output. sorry, if i have confused you, this output is not coming out of 8080
i did a force install after the server1.example.com:8080 stopped working. so dont know if that would help. anyway will post it shortly
see attached a /etc/apache2/sites-available/ispconfig.vhost just to be sure, I think it's fine for you probably. I took this from a week old new debian 12 setup =) Could you check if an apache module is missing for some reason? sure those are not all needed but worthy checking. ( https://www.howtoforge.com/perfect-server-debian-12-buster-apache-bind-dovecot-ispconfig-3-2/ ) Regarding the port 80 issue, seems you rely on php-fpm which seems not to be configured on there. A quick fix _might_ be, depending on the issue Code: a2enconf php8.2-fpm Also, are you allowing * as IP for Hosts? NameVirtualHost settings for IPs disabled?
Code: ● clamav-daemon.service - Clam AntiVirus userspace daemon Loaded: loaded (/lib/systemd/system/clamav-daemon.service; disabled; preset: enabled) Drop-In: /etc/systemd/system/clamav-daemon.service.d └─extend.conf Active: active (running) since Sun 2024-05-26 22:17:52 IST; 1min 18s ago TriggeredBy: ● clamav-daemon.socket Docs: man:clamd(8) man:clamd.conf(5) https://docs.clamav.net/ Process: 873 ExecStartPre=/bin/mkdir -p /run/clamav (code=exited, status=0/SUCCESS) Process: 885 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, status=0/SUCCESS) Main PID: 890 (clamd) Tasks: 2 (limit: 1099) Memory: 672.2M CPU: 28.920s CGroup: /system.slice/clamav-daemon.service └─890 /usr/sbin/clamd --foreground=true May 26 22:18:52 server1 clamd[890]: Sun May 26 22:18:52 2024 -> fds_poll_recv: timeout after 3600 seconds May 26 22:18:52 server1 clamd[890]: Sun May 26 22:18:52 2024 -> Received POLLIN|POLLHUP on fd 3 May 26 22:18:52 server1 clamd[890]: Sun May 26 22:18:52 2024 -> Got new connection, FD 9 May 26 22:18:52 server1 clamd[890]: Sun May 26 22:18:52 2024 -> Received POLLIN|POLLHUP on fd 5 May 26 22:18:52 server1 clamd[890]: Sun May 26 22:18:52 2024 -> fds_poll_recv: timeout after 30 seconds May 26 22:18:52 server1 clamd[890]: Sun May 26 22:18:52 2024 -> Received POLLIN|POLLHUP on fd 9 May 26 22:18:52 server1 clamd[890]: Sun May 26 22:18:52 2024 -> client read error or EOF on read May 26 22:18:52 server1 clamd[890]: Sun May 26 22:18:52 2024 -> Shutting down socket after error (FD 9) May 26 22:18:52 server1 clamd[890]: Sun May 26 22:18:52 2024 -> Number of file descriptors polled: 1 fds May 26 22:18:52 server1 clamd[890]: Sun May 26 22:18:52 2024 -> fds_poll_recv: timeout after 3600 seconds clamav would not die but rspamd and redis are stopped and disabled. i have rebooted the system again.
Code: /etc/apache2/mods-enabled$ ls access_compat.load dav.load passenger.load actions.conf deflate.conf perl.load actions.load deflate.load proxy.conf alias.conf dir.conf proxy.load alias.load dir.load python.load auth_basic.load env.load reqtimeout.conf auth_digest.load fcgid.conf reqtimeout.load authn_core.load fcgid.load rewrite.load authn_file.load filter.load setenvif.conf authz_core.load headers.load setenvif.load authz_host.load include.load socache_shmcb.load authz_user.load mime.conf ssl.conf autoindex.conf mime.load ssl.load autoindex.load mpm_event.conf status.conf cgid.conf mpm_event.load status.load cgid.load negotiation.conf suexec.load dav_fs.conf negotiation.load dav_fs.load passenger.conf seems all mods listed above are enabled Code: $ a2enconf php8.2-fpm Conf php8.2-fpm already enabled
a2dismod reqtimeout negotiation deflate autoindex -f if you do not want apache to be able to list directorys, use memory to compress the output and maybe weaken tls with that, negotiation is probably not used either and reqtimeout can be a beast depending on the client connection usually but in this case, who knows. a2disconf localized-error-pages at least will save you some precious memory too. If you do not need passenger for anything, disable it aswell aswell as python if possible, it should not disable the ssh clients to run their python code if it's not something attached to the webserver ). Also perl, who is using perl on a webhosting still ^^ Will this fix your issue? Probably not, just save some memory and cpu time. both needs to be disabled / masked. not a good sign
Is there a head -n 10 /etc/apache2/sites-enabled/???-server1.example ???..... conf ? Have you tried enabling Loglevel trace in /etc/apache2/apache.conf , make a request to :8080 and stop the debug log again Have you tried accessing from a different server, system, or the very same server? the proxy module is likely used for php-fpm only if you are using proxypass along fcgid module, better to keep that dav_* dav* is something uncommon these days also Edit: Were there any other changes? Enabling DNSSEC or something like that? Cleared the browser cache to be sure? Tried different browser, or as mentioned curl on the local server to see if it can wget :8080
Never did anything specifically other than what is mentioned in the perfect server setup. surprise Code: server$ wget https://server1.example.in:8080 --2024-05-26 23:49:05-- https://server1.example.in:8080/ Resolving server1.example.in (server1.example.in)... 127.0.1.1 Connecting to server1.example.in (server1.example.in)|127.0.1.1|:8080... connected. HTTP request sent, awaiting response... 302 Found Location: /login/ [following] --2024-05-26 23:49:06-- https://server1.example.in:8080/login/ Reusing existing connection to server1.example.in:8080. HTTP request sent, awaiting response... 200 OK Length: unspecified [text/html] Saving to: ‘index.html’
we should've suggested earlier but uhm now we know you have potential for memory related issues, not saying they caused them defnitly but potential, so there's that. that index.html should have some html login related in it and not what you posted for the :80 host Question now is, is it your browser, your network, or ISP pr VPN preventing you from reaching the site? fail2ban bans should have been gone by now I assume. ISPConfig? Do you get a new IP if you reconnect the internet?
wget got different output from client client$ wget -r --tries=1 https://server1.example.in:8080 -o log -S Code: --2024-05-27 00:11:27-- https://server1.example.in:8080/ Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt' Resolving server1.example.in (server1.example.in)... 1.2.3.4 Connecting to server1.example.in (server1.example.in)|1.2.3.4|:8080... failed: Connection timed out. Giving up.
the error notice could be because of some php package updates and poorly maintain billing module, i have hosted in the sub domain .. billing.example.in i have verified another php website still running successfully without downtime (for many years now). if i am banned all the websites should not work right .. not from 8080 only. i may be wrong here, as i am not an expert. yes, if i switch off and on the router, i will get a new ip from the ISP
exhausted by now. will try to resolve the issue during the course of next week or simple do a fresh installation during weekend. going to a slow mode for now. learnt a lot from you Christoph. Thank you and Till together.
happy to inform i am able to successfully install all certificates, except another subdomain ( harshit.example.in ) linked with a SSH account. acme.sh --renew-all --force Code: [Mon May 27 12:15:17 PM IST 2024] Renew: 'server1.example.in' [Mon May 27 12:15:17 PM IST 2024] Renew to Le_API=https://acme-v02.api.letsencrypt.org/directory [Mon May 27 12:15:18 PM IST 2024] Using CA: https://acme-v02.api.letsencrypt.org/directory [Mon May 27 12:15:18 PM IST 2024] Single domain='server1.example.in' [Mon May 27 12:15:21 PM IST 2024] Getting webroot for domain='server1.example.in' [Mon May 27 12:15:22 PM IST 2024] server1.example.in is already verified, skip http-01. [Mon May 27 12:15:22 PM IST 2024] Verify finished, start to sign. [Mon May 27 12:15:22 PM IST 2024] Lets finalize the order. [Mon May 27 12:15:22 PM IST 2024] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/1285050216/2729675107' [Mon May 27 12:15:24 PM IST 2024] Downloading cert. [Mon May 27 12:15:24 PM IST 2024] Le_LinkCert='https://acme-v02.api.letsencrypt.org/acme/cert/038e2643cbdb5c26b8d2c434642aa79d' [Mon May 27 12:15:25 PM IST 2024] Cert success. firefox browser is now showing a more descriptive error.
