permissions /var/www - ISPC stopped working - RESOLVED

Hi,
I accidentally changed permissions inside /var/www to specific user and group and my ISPconfig managing website stopped working with following error:

===============================================
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at webmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.
===============================================

Is there a way how to return/rewrite permissions back to normal so my ISPc come back to normal, my backup is quite far away. I was browsing forum and googling solution for this, but nothing what I had tried, worked.

Please can someone help me?

Thank you.

 

Do you remember what you did? Then it may be possible to undo.
Restoring backup is next best thing, but if you can not use your backups then this does not work. Strange backups those, though.
Compare /var/www with a working ISPConfig system, and maybe you can see how your system is different.

 

Try

Code:

chown root:root /var/www
chown root:root /var/www/*
chown root:root php-fcgi-scripts -R
chown ispconfig:ispconfig /var/www/ispconfig -R
chown ispapps:ispapps /var/www/apps -R

Should bring back your web interface. You have to investigate if you changed the ownership of the users webs. That would need to be corrected, too.

 

Thank you, it did something, now there is different error msg. All I did is, playing with permissions at /var/www . But nowhere else, websites working, just ISPconfig site on <IP>:8080 not working and this is the msg now after your help:

Forbidden
You don't have permission to access / on this server.
Server unable to read htaccess file, denying access to be safe

Any idea?

Thank you again guys!

 

Do you know the commands, that you did?
Post the output of

Code:

ls -al /var/www
ls -al /var/www/ispconfig/
tail /var/log/apache2/error.log

Strange, didn't know there is a htaccess file ..

 

ls -al /var/www



ls -al /var/www/ispconfig

lrwxrwxrwx 1 ispconfig ispconfig 34 May 9 2016 /var/www/ispconfig -> /usr/local/ispconfig/interface/web

tail /var/log/apache2/error.log

[Wed May 20 23:13:43.101445 2020] [core:crit] [pid 21390] (13)Permission denied: [client <myIP>:13296] AH00529: /var/www/ispconfig/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/var/www/ispconfig/' is executable

commands I used:

find /var/www/ -type f -exec chmod 644 {} \;
find /var/www/ -type d -exec chmod 755 {} \;

 

It is good, that you posted the commands, because they did not what you described.

This changed the permissions of all files to "644". Depending on your settings, this could(!) be harmless. However, some scripts may require execute rights.

This changed the permissions of all directories to "755".

Your error message suggests, that the webserver cannot read the directory. The directory needs to have the executable flag so that the web server can read it. In your screenshot it looks good to me.
What gives "ls -al /usr/local/ispconfig/interface/web/"?
Should look like this:

Code:

# ls -al /usr/local/ispconfig/interface/web/
drwxr-s--- 21 ispconfig ispconfig  4096 Mär 29  2018 .
drwxr-s---  9 ispconfig ispconfig  4096 Mär 29  2018 ..
drwxr-s---  6 ispconfig ispconfig  4096 Mai 30  2016 admin
drwxr-s---  6 ispconfig ispconfig  4096 Aug 19  2018 automail
-rwxr-x---  1 ispconfig ispconfig  3188 Feb 25 05:22 capp.php
drwxr-s---  6 ispconfig ispconfig  4096 Apr  9  2014 client
-rwxr-x---  1 ispconfig ispconfig  2970 Feb 25 05:22 content.php
drwxr-s---  7 ispconfig ispconfig  4096 Jan 20  2014 dashboard
-rwxr-x---  1 ispconfig ispconfig  1901 Feb 25 05:22 datalogstatus.php
drwxr-s---  6 ispconfig ispconfig  4096 Feb 24 00:43 dns
-rwxr-x---  1 ispconfig ispconfig     0 Feb 25 05:22 dummy_login.html
-rwxr-x---  1 ispconfig ispconfig 18478 Feb 25 05:22 favicon.ico
drwxr-s---  6 ispconfig ispconfig  4096 Jan 20  2014 help
-rwxr-x---  1 ispconfig ispconfig  4533 Feb 25 05:22 index.php
drwxr-s---  6 ispconfig ispconfig  4096 Jun  5  2018 js
-rwxr-x---  1 ispconfig ispconfig  1649 Feb 25 05:22 keepalive.php
drwxr-s---  4 ispconfig ispconfig  4096 Mär  4 05:24 login
drwxr-s---  6 ispconfig ispconfig  4096 Jun  5  2018 mail
drwxr-s---  6 ispconfig ispconfig  4096 Jan 20  2014 mailuser
drwxr-s---  6 ispconfig ispconfig  4096 Feb 24 00:43 monitor
lrwxrwxrwx  1 ispconfig ispconfig    20 Jan 23  2016 munin -> /var/cache/munin/www
-rwxr-x---  1 ispconfig ispconfig  5177 Feb 25 05:22 nav.php
drwxr-s---  2 ispconfig ispconfig  4096 Mai 23  2017 remote
-rwxr-x---  1 ispconfig ispconfig    25 Feb 25 05:22 robots.txt
drwxr-s---  7 ispconfig ispconfig  4096 Mai 30  2016 sites
drwxr-s---  3 ispconfig ispconfig  4096 Jan 20  2014 strengthmeter
drwxrws---  2 ispconfig ispconfig  4096 Apr  9  2014 temp
drwxr-s---  9 ispconfig ispconfig  4096 Jan 10 21:53 themes
drwxr-s---  6 ispconfig ispconfig  4096 Mai 30  2016 tools
drwxr-s---  6 ispconfig ispconfig  4096 Jan 20  2014 vm
drwxr-s---  3 ispconfig ispconfig  4096 Feb 24 00:43 wizard

 

Code:

drwxr-xr-x 19 root      root       4096 May 21 00:07 .
drwxr-s---  9 ispconfig ispconfig  4096 Oct 17  2017 ..
drwxr-s---  6 ispconfig ispconfig  4096 Oct 17  2017 admin
-rwxr-x---  1 ispconfig ispconfig  3188 Mar 13 14:08 capp.php
drwxr-s---  6 ispconfig ispconfig  4096 May  9  2016 client
-rwxr-x---  1 ispconfig ispconfig  2970 Mar 13 14:08 content.php
drwxr-s---  7 ispconfig ispconfig  4096 May  9  2016 dashboard
-rwxr-x---  1 ispconfig ispconfig  1901 Mar 13 14:08 datalogstatus.php
drwxr-s---  6 ispconfig ispconfig  4096 Mar 13 14:08 dns
-rwxr-x---  1 ispconfig ispconfig     0 Mar 13 14:08 dummy_login.html
-rwxr-x---  1 ispconfig ispconfig 18478 Mar 13 14:08 favicon.ico
drwxr-s---  6 ispconfig ispconfig  4096 May  9  2016 help
-rwxr-x---  1 ispconfig ispconfig  4533 Mar 13 14:08 index.php
drwxr-s---  6 ispconfig ispconfig  4096 Mar 13 14:06 js
-rwxr-x---  1 ispconfig ispconfig  1649 Mar 13 14:08 keepalive.php
drwxr-s---  4 ispconfig ispconfig  4096 May  9  2016 login
drwxr-s---  6 ispconfig ispconfig  4096 Mar 13 14:08 mail
drwxr-s---  6 ispconfig ispconfig  4096 May  9  2016 mailuser
drwxr-s---  6 ispconfig ispconfig  4096 Mar 13 14:08 monitor
-rwxr-x---  1 ispconfig ispconfig  5177 Mar 13 14:08 nav.php
drwxr-s---  2 ispconfig ispconfig  4096 Oct 17  2017 remote
-rwxr-x---  1 ispconfig ispconfig    25 Mar 13 14:08 robots.txt
drwxr-s---  7 ispconfig ispconfig  4096 Oct 17  2017 sites
drwxr-s---  3 ispconfig ispconfig  4096 May  9  2016 strengthmeter
drwxrws---  2 ispconfig ispconfig  4096 May  9  2016 temp
drwxr-s---  7 ispconfig ispconfig  4096 May  9  2016 themes
drwxr-s---  6 ispconfig ispconfig  4096 Oct 17  2017 tools
drwxr-s---  6 ispconfig ispconfig  4096 May  9  2016 vm

 

Try "chown ispconfig:ispconfig /usr/local/ispconfig/interface/web/"
If that doesn't work:
"ls -al /usr/local/ispconfig/interface/"?

Otherwise it could be something else, like selinux. Was it really working directly before you messed with the permissions, or did you also change other things? Is the error.log still the same?

=>

Code:

wget -q -O htf-common-issues.php "http://gitplace.net/pixcept/ispconfig-tools/raw/stable/htf-common-issues.php" && php -q htf-common-issues.php

to view the report, run this command:

Code:

cat htf_report.txt | more

 

ls -al /usr/local/ispconfig/interface/ (is that ssl root:root ok?)

Code:

drwxr-s---  9 ispconfig ispconfig 4096 Oct 17  2017 .
drwxr-sr-x  5 root      root      4096 May  9  2016 ..
drwxr-sr-x  3 ispconfig ispconfig 4096 Oct 17  2017 acme
drwxr-s---  2 ispconfig ispconfig 4096 May  9  2016 cache
-rwxr-x---  1 ispconfig ispconfig  169 Mar 13 14:08 index.htm
drwxr-s---  5 ispconfig ispconfig 4096 May  9  2016 lib
drwxr-s---  2 root      root      4096 May  9  2016 ssl
drwxr-s---  2 ispconfig ispconfig 4096 May  9  2016 temp
drwxr-s---  2 ispconfig ispconfig 4096 May  9  2016 tools
drwxr-xr-x 19 ispconfig ispconfig 4096 May 21 00:07 web

Code:

##### SERVER #####
IP-address (as per hostname): ***.***.***.***
[WARN] could not determine server's ip address by ifconfig
[INFO] OS version is Debian GNU/Linux 10.4 (n/a)

[INFO] ISPConfig is installed.
[WARN] /usr/local/ispconfig/server/lib/config.inc.php is missing.

##### VERSION CHECK #####

[INFO] php (cli) version is 7.2.10-1+0~20181001133426.7+jessie~1.gbpb6e829
[INFO] php-cgi (used for cgi php in default vhost!) is version 5.6.38-0+deb8u1

##### PORT CHECK #####


##### MAIL SERVER CHECK #####


##### RUNNING SERVER PROCESSES #####

[WARN] I could not determine which web server is running.
[WARN] I could not determine which mail server is running.
[WARN] I could not determine which pop3 server is running.
[WARN] I could not determine which imap server is running.
[WARN] I could not determine which ftp server is running.

##### LISTENING PORTS #####
(only           ()
Local           (Address)
[anywhere]:993          (-)
[anywhere]:995          (-)
[localhost]:10024               (-)
[localhost]:10025               (-)
[localhost]:10026               (-)
[localhost]:10027               (-)
[anywhere]:587          (-)
[localhost]:11211               (-)
[anywhere]:110          (-)
[anywhere]:143          (-)
[anywhere]:111          (-)
[anywhere]:465          (-)
***.***.***.***:53              (-)
[anywhere]:21           (-)
***.***.***.***:53              (-)
[localhost]:53          (-)
[anywhere]:22           (-)
[anywhere]:25           (-)
[localhost]:953         (-)
*:*:*:*::*:993          (-)
*:*:*:*::*:995          (-)
*:*:*:*::*:10024                (-)
*:*:*:*::*:10026                (-)
*:*:*:*::*:3306         (-)
*:*:*:*::*:587          (-)
[localhost]10           (-)
[localhost]43           (-)
[localhost]11           (-)
*:*:*:*::*:8080         (-)
*:*:*:*::*:80           (-)
*:*:*:*::*:8081         (-)
*:*:*:*::*:465          (-)
*:*:*:*::*:21           (-)
*:*:*:*::*:53           (-)
*:*:*:*::*:22           (-)
*:*:*:*::*:25           (-)
*:*:*:*::*:953          (-)
*:*:*:*::*:443          (-)




##### IPTABLES #####

yes, it was working. No, I was changing only permissions/ownership inside /var/www/

 

Is it possible to reinstall it, or run some "self" repair, so it would keep logins and replace everything else back to normal?

 

Yes, you can try it:

Code:

cd /tmp
wget https://www.ispconfig.org/downloads/ISPConfig-3.1.15p3.tar.gz
tar xvfz ISPConfig-3.1.15p3.tar.gz
cd ispconfig3_install/install
php -q update.php

When asking for reconfiguring services, choose "yes"

Did you recently change your PHP version? ISPC does support additional php versions, but does not support to change the systems standard php version. Go back to the standard version (I think for Jessie it is 5.6) with:

Code:

update-alternatives --config php
update-alternatives --config php-cgi

To install additional php versions see: https://www.howtoforge.com/tutorial...fig-3-from-debian-packages-on-debian-8-and-9/
Edit: I have just seen, that your Debian version is 10. Then the system php should be 7.3. You should clean up your php versions ;-)

 

those permissions drwxr-sr-x mean the folders have been chmodded to 2755, maybe you used that on /var/www and it's being inherited?
chmodding to 0755 should set them back to drwxr-xr-x

 

Thank you, I manged to fix that, by reinstall ispc and fixed php version. It's working after that!

Thanks all of you for your time and help, it was very helpfull and I have learned a lot.