I have a problem reaching control panel at 8080. ISPConfig version is 3.1.11 All the sites are served. Firewall is not blocking that port. netstat is showing that apache is NOT listening to 8080. My ispconfig.vhost Code: ###################################################### # This virtual host contains the configuration # for the ISPConfig controlpanel ###################################################### NameVirtualHost *:8080 <VirtualHost _default_:8080> ServerAdmin webmaster@localhost <Directory /var/www/ispconfig/> <FilesMatch "\.ph(p3?|tml)$"> SetHandler None </FilesMatch> </Directory> <Directory /usr/local/ispconfig/interface/web/> <FilesMatch "\.ph(p3?|tml)$"> SetHandler None </FilesMatch> </Directory> <IfModule mod_fcgid.c> DocumentRoot /var/www/ispconfig/ SuexecUserGroup ispconfig ispconfig <Directory /var/www/ispconfig/> Options -Indexes +FollowSymLinks +MultiViews +ExecCGI AllowOverride AuthConfig Indexes Limit Options FileInfo <FilesMatch "\.php$"> SetHandler fcgid-script </FilesMatch> FCGIWrapper /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter .php Require all granted </Directory> IPCCommTimeout 7200 MaxRequestLen 15728640 </IfModule> <IfModule mpm_itk_module> DocumentRoot /usr/local/ispconfig/interface/web/ AssignUserId ispconfig ispconfig AddType application/x-httpd-php .php <Directory /usr/local/ispconfig/interface/web> # php_admin_value open_basedir "/usr/local/ispconfig/interface:/usr/share:/tmp" Options +FollowSymLinks AllowOverride None Require all granted php_value magic_quotes_gpc 0 </Directory> </IfModule> # ErrorLog /var/log/apache2/error.log # CustomLog /var/log/apache2/access.log combined ServerSignature Off <IfModule mod_security2.c> SecRuleEngine Off </IfModule> # SSL Configuration SSLEngine On SSLProtocol All -SSLv3 SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key #SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS SSLHonorCipherOrder On <IfModule mod_headers.c> Header always add Strict-Transport-Security "max-age=15768000" RequestHeader unset Proxy early </IfModule> SSLUseStapling On SSLStaplingResponderTimeout 5 SSLStaplingReturnResponderErrors Off </VirtualHost> <IfModule mod_ssl.c> SSLStaplingCache shmcb:/var/run/ocsp(128000) </IfModule> <Directory /var/www/php-cgi-scripts> AllowOverride None Require all denied </Directory> <Directory /var/www/php-fcgi-scripts> AllowOverride None Require all denied </Directory> Any thoughts about that ?
Is this the complete vhost file? The closing virtual host line is missing, but I guess you just missed copying it. What do you see in the browser when you open the server IP address, port 8080?
Hello Till! Thank you for a quick response. This is the complete vhost file. I guess the closing virtualhost tag is right before <IfModule mod_ssl.c> line The Firefox is saying that The connection has timed out.
You're right, missed that This night be a firewall problem as well.Please use the test script to check the server: https://www.howtoforge.com/community/threads/please-read-before-posting.58408/
I've checked that script Code: ##### SERVER ##### IP-address (as per hostname): ***.***.***.*** IP-address(es) (as per ifconfig): ***.***.***.*** [WARN] ip addresses from hostname differ from ifconfig output. Please check your ip settings. [INFO] ISPConfig is installed. ##### ISPCONFIG ##### ISPConfig version is 3.1.11 ##### VERSION CHECK ##### [INFO] php (cli) version is 5.6.33-0+deb8u1 [INFO] php-cgi (used for cgi php in default vhost!) is version 5.6.33-0+deb8u1 ##### PORT CHECK ##### [WARN] Port 8080 (ISPConfig) seems NOT to be listening [WARN] Port 22 (SSH server) seems to be BLOCKED in firewall ##### MAIL SERVER CHECK ##### ##### RUNNING SERVER PROCESSES ##### [INFO] I found the following web server(s): Apache 2 (PID 3273) [INFO] I found the following mail server(s): Postfix (PID 1506) [INFO] I found the following pop3 server(s): Dovecot (PID 694) [INFO] I found the following imap server(s): Unknown process (init) (PID 1) [INFO] I found the following ftp server(s): PureFTP (PID 2192) ##### LISTENING PORTS ##### (only () Local (Address) [anywhere]:993 (1/init) [anywhere]:995 (694/dovecot) [localhost]:10023 (922/postgrey.pid) [localhost]:8999 (879/php-fpm.conf)) [localhost]:10024 (2617/amavisd-new) [localhost]:10025 (1506/master) [localhost]:3306 (6508/mysqld) [localhost]:10026 (2617/amavisd-new) [localhost]:10027 (1506/master) [anywhere]:587 (1506/master) [localhost]:11211 (666/memcached) [localhost]:2828 (1093/monit) [anywhere]:110 (694/dovecot) [anywhere]:143 (1/init) [anywhere]:111 (626/rpcbind) [anywhere]:10000 (2190/perl) [anywhere]:465 (1506/master) [anywhere]:21 (2192/pure-ftpd) ***.***.***.***:53 (667/named) [localhost]:53 (667/named) [anywhere]:22 (808/sshd) [anywhere]:46038 (636/rpc.statd) [localhost]:8088 (665/influxd) [anywhere]:25 (1506/master) [localhost]:953 (667/named) *:*:*:*::*:993 (1/init) *:*:*:*::*:995 (694/dovecot) *:*:*:*::*:10023 (922/postgrey.pid) *:*:*:*::*:10024 (2617/amavisd-new) *:*:*:*::*:10026 (2617/amavisd-new) *:*:*:*::*:587 (1506/master) [localhost]10 (694/dovecot) [localhost]43 (1/init) [localhost]11 (626/rpcbind) *:*:*:*::*:80 (3273/apache2) [localhost]0000 (2190/perl) *:*:*:*::*:49680 (636/rpc.statd) *:*:*:*::*:8081 (3273/apache2) *:*:*:*::*:465 (1506/master) *:*:*:*::*:21 (2192/pure-ftpd) *:*:*:*::*:53 (667/named) *:*:*:*::*:8086 (665/influxd) *:*:*:*::*:22 (808/sshd) *:*:*:*::*:25 (1506/master) *:*:*:*::*:953 (667/named) *:*:*:*::*:443 (3273/apache2) ##### IPTABLES ##### Chain INPUT (policy ACCEPT) target prot opt source destination fail2ban-webmin tcp -- [anywhere]/0 [anywhere]/0 multiport dports 10000,20000 fail2ban-postfix-sasl tcp -- [anywhere]/0 [anywhere]/0 multiport dports 25 fail2ban-dovecot-pop3imap tcp -- [anywhere]/0 [anywhere]/0 multiport dports 110,995,143,993 fail2ban-pureftpd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 21 fail2ban-ssh tcp -- [anywhere]/0 [anywhere]/0 multiport dports 22 DROP tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:1666 DROP all -- ***.***.***.*** [anywhere]/0 ACCEPT tcp -- ***.***.***.*** [anywhere]/0 tcp dpt:9999 ACCEPT tcp -- ***.***.***.*** [anywhere]/0 tcp dpt:8086 ACCEPT tcp -- [localhost] [anywhere]/0 tcp dpt:8086 ACCEPT tcp -- [localhost] [anywhere]/0 tcp dpt:8086 ACCEPT tcp -- [localhost] [anywhere]/0 tcp dpt:8083 ACCEPT tcp -- [localhost] [anywhere]/0 tcp dpt:8083 ACCEPT tcp -- ***.***.***.*** [anywhere]/0 tcp dpt:8083 DROP tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:8083 DROP tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:8086 DROP tcp -- ***.***.***.*** [anywhere]/0 tcp dpt:22 Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain fail2ban-dovecot-pop3imap (1 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain fail2ban-postfix-sasl (1 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain fail2ban-pureftpd (1 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain fail2ban-ssh (1 references) target prot opt source destination REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable RETURN all -- [anywhere]/0 [anywhere]/0 Chain fail2ban-webmin (1 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 netstat -tupln | grep 8080 is showing nothing Apache is not listening to that port
Also have these errors in apache error.log: AH01906: myfqdn.com:8080:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! AH02567: Unable to configure certificate myfqdn.com:8080:0 for stapling
Solved !! Had to tell apache to listen to port 8080 in ports.conf file It is strange because it worked more than a year without that port written in there. TY
The listen directive for port 8080 is normally defined in ispconfig.vhost file, seems as if you removed it there. Better remove it from ports.conf and add it to ispconfig.vhost again. Otherwise, the apache setup will fail on next ISPconfig update.
Thanks till! It is defined in vhost file as well, but it's not working I will change that before update. Hope update will fix that issue
The problem with port appears while listing/checking the settings under server settings tab. While switching tabs(even if you don't make any changes) it freezes and port 8080 becomes unavailable
believe I'm in the same place here... am local and attempting to load admin gui / page via https://<ip>:<port setup> trying to find what a correct vhosts should look like. ---- solved that... have a duplicate install setup - and compared the two files... they are identical.. (duplicate install on another IP address) verified ports.conf identical as well as /etc/apache2/sites-enabled/000-ispconfig.vhost netstat -tap Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 *:imaps *:* LISTEN 1/init tcp 0 0 *op3s *:* LISTEN 17182/dovecot tcp 0 0 localhost:10024 *:* LISTEN 17174/amavisd-new ( tcp 0 0 localhost:10025 *:* LISTEN 17084/master tcp 0 0 localhost:10026 *:* LISTEN 17174/amavisd-new ( tcp 0 0 localhost:10027 *:* LISTEN 17084/master tcp 0 0 *:submission *:* LISTEN 17084/master tcp 0 0 localhost:11211 *:* LISTEN 555/memcached tcp 0 0 *op3 *:* LISTEN 17182/dovecot tcp 0 0 *:imap2 *:* LISTEN 1/init tcp 0 0 *:40399 *:* LISTEN 474/rpc.statd tcp 0 0 *:sunrpc *:* LISTEN 455/rpcbind tcp 0 0 *:urd *:* LISTEN 17084/master tcp 0 0 host.domain:domain *:* LISTEN 17338/named tcp 0 0 localhost:domain *:* LISTEN 17338/named tcp 0 0 *:ftp *:* LISTEN 17330/pure-ftpd (SE tcp 0 0 *:ssh *:* LISTEN 696/sshd tcp 0 0 localhost:953 *:* LISTEN 17338/named tcp 0 0 *:smtp *:* LISTEN 17084/master tcp 0 272 host.domain.:ssh remoteconnction.l:51507 ESTABLISHED 22667/sshd: adm tcp6 0 0 [::]:imaps [::]:* LISTEN 1/init tcp6 0 0 [::]op3s [::]:* LISTEN 17182/dovecot tcp6 0 0 localhost:10024 [::]:* LISTEN 17174/amavisd-new ( tcp6 0 0 localhost:10026 [::]:* LISTEN 17174/amavisd-new ( tcp6 0 0 [::]:mysql [::]:* LISTEN 16800/mysqld tcp6 0 0 [::]:submission [::]:* LISTEN 17084/master tcp6 0 0 [::]op3 [::]:* LISTEN 17182/dovecot tcp6 0 0 [::]:imap2 [::]:* LISTEN 1/init tcp6 0 0 [::]:sunrpc [::]:* LISTEN 455/rpcbind tcp6 0 0 [::]:http [::]:* LISTEN 23015/apache2 tcp6 0 0 [::]:tproxy [::]:* LISTEN 23015/apache2 tcp6 0 0 [::]:urd [::]:* LISTEN 17084/master tcp6 0 0 [::]:domain [::]:* LISTEN 17338/named tcp6 0 0 [::]:ftp [::]:* LISTEN 17330/pure-ftpd (SE tcp6 0 0 [::]:ssh [::]:* LISTEN 696/sshd tcp6 0 0 [::]:39095 [::]:* LISTEN 474/rpc.statd tcp6 0 0 localhost:953 [::]:* LISTEN 17338/named tcp6 0 0 [::]:smtp [::]:* LISTEN 17084/master tcp6 0 0 [::]:8443 [::]:* LISTEN 23015/apache2 tcp6 0 0 [::]:https [::]:* LISTEN 23015/apache2 see IPv6 on ports but not in IPv4 however client sites running fine no issues there... just the admin instance isn't working.....
My Issue ended up being firewall - UFW wasn't on but IPchains default firewall was enabled and running. once i disabled that the port worked fine.. but would check if above is your issue or firewall - always good to see what the experts like @till think!
