Hi Folks. Good day. I´ve been knocking my head against the table for days with a issue that I'm clueless on how to solve it. I'm posting it here hoping someone can shine some light on it... I'm trying to setup a PHP development environment in one of the domains I host on my server. The goal is to have the project directory under /web with the source files and point the Apache DocumentRoot in a location under it like /web/project/public for example. I created that structure and, once I change the DocumentRoot to /web/project/public, Apache can server the HTML and other static files with no issues. However, if I try to execute a PHP script, I get this on the logs: Code: [Sun Oct 09 00:58:37.672739 2022] [proxy_fcgi:error] [pid 7259] [client 123.45.678.90:59314] AH01071: Got error 'Primary script unknown' I manually modified the /etc/apache2/sites-available/domain.vhost file to change this Code: ProxyFCGISetEnvIf "true" DOCUMENT_ROOT "/web" to Code: ProxyFCGISetEnvIf "true" DOCUMENT_ROOT "/web/project/public" Then, when I browse the location, I get a 404 from the browser and this on the httpd error.log Code: [Sun Oct 09 01:11:28.154606 2022] [proxy_fcgi:error] [pid 9038] [client 123.45.678.90:49873] AH01071: Got error 'Unable to open primary script: /web/project/public/index.php (No such file or directory)' I confirmed the file exists and have the proper user:group permissions (just like the other static files on the same location that work fine). Searching about these errors on the web pointing to SELinux item (which is disabled on the server). Any ideas on how to solve it? Thanks a lot in advance.
Undo all other changes you made, then enter in the apache directives field: DocumentRoot /var/www/clients/clientX/webY/web/project/public just replace X with the client ID and Y with the web ID.
Hello @till. Thanks for the quick response. I've done what you said, I removed the Website, confirmed the files were removed from the server and created it again. Then I added the Apache directive as instructed. Unfortunately, the issue persists. If I place and browse a HTML or a TXT file on this new DocumentRoot location it works without problem. However, if I try a .php file, it returns a 404 with a message on the browser "File not Found". Browsing the Error log, I can see this: Code: user@server:/# tail -f /var/log/ispconfig/httpd/domain/error.log [Sun Oct 09 16:21:00.625170 2022] [proxy_fcgi:error] [pid 98373] [client 123.45.678.90:53578] AH01071: Got error 'Primary script unknown' [Sun Oct 09 16:34:04.114902 2022] [proxy_fcgi:error] [pid 98382] [client 123.45.678.90:51254] AH01071: Got error 'Primary script unknown' It seems some issue with the PHP interpreter, but I'm not fully sure. I'm still searching for clues. If there's any config file of log that helps debugging this issue, let me know and I'll post it promptly. Thanks a bunch.
Hi @Taleman , Thanks for the reply. Yes, I actually removed that Website from ISPConfig interface, and re-created it. Below is the current Apache Config (with domain replaced to mydomain.com). Expand: Apache Config Code: <Directory /var/www/mydomain.com> AllowOverride None Require all denied </Directory> <VirtualHost *:80> DocumentRoot /var/www/clients/client1/web53/web ServerName mydomain.com ServerAlias *.mydomain.com ServerAdmin [email protected] ErrorLog /var/log/ispconfig/httpd/mydomain.com/error.log Alias /error/ "/var/www/mydomain.com/web/error/" ErrorDocument 400 /error/400.html ErrorDocument 401 /error/401.html ErrorDocument 403 /error/403.html ErrorDocument 404 /error/404.html ErrorDocument 405 /error/405.html ErrorDocument 500 /error/500.html ErrorDocument 502 /error/502.html ErrorDocument 503 /error/503.html <Directory /var/www/mydomain.com/web> # Clear PHP settings of this website <FilesMatch ".+\.ph(p[345]?|t|tml)$"> SetHandler None </FilesMatch> Options +SymlinksIfOwnerMatch AllowOverride All Require all granted </Directory> <Directory /var/www/clients/client1/web53/web> # Clear PHP settings of this website <FilesMatch ".+\.ph(p[345]?|t|tml)$"> SetHandler None </FilesMatch> Options +SymlinksIfOwnerMatch AllowOverride All Require all granted </Directory> # suexec enabled <IfModule mod_suexec.c> SuexecUserGroup web53 client1 </IfModule> <IfModule mod_fastcgi.c> <Directory /var/www/clients/client1/web53/cgi-bin> Require all granted </Directory> <Directory /var/www/mydomain.com/web> <FilesMatch "\.php[345]?$"> <If "-f '%{REQUEST_FILENAME}'"> SetHandler php-fcgi </If> </FilesMatch> </Directory> <Directory /var/www/clients/client1/web53/web> <FilesMatch "\.php[345]?$"> <If "-f '%{REQUEST_FILENAME}'"> SetHandler php-fcgi </If> </FilesMatch> </Directory> Action php-fcgi /php-fcgi virtual Alias /php-fcgi /var/www/clients/client1/web53/cgi-bin/php-fcgi-*-80-mydomain.com FastCgiExternalServer /var/www/clients/client1/web53/cgi-bin/php-fcgi-*-80-mydomain.com -idle-timeout 300 -socket /var/lib/web53.sock -pass-header Authorization -pass-header Content-Type </IfModule> <IfModule mod_proxy_fcgi.c> <IfVersion >= 2.4.26> ProxyFCGISetEnvIf "true" DOCUMENT_ROOT "/web" ProxyFCGISetEnvIf "true" CONTEXT_DOCUMENT_ROOT "%{reqenv:DOCUMENT_ROOT}" ProxyFCGISetEnvIf "true" HOME "%{reqenv:DOCUMENT_ROOT}" ProxyFCGISetEnvIf "true" SCRIPT_FILENAME "%{reqenv:DOCUMENT_ROOT}%{reqenv:SCRIPT_NAME}" </IfVersion> #ProxyPassMatch ^/(.*\.php[345]?(/.*)?)$ unix:///var/lib/web53.sock|fcgi://localhost//var/www/clients/client1/web53/web/$1 <Directory /var/www/clients/client1/web53/web> <FilesMatch "\.php[345]?$"> <If "-f '%{REQUEST_FILENAME}'"> SetHandler "proxy:unix:/var/lib/web53.sock|fcgi://localhost" </If> </FilesMatch> </Directory> </IfModule> # add support for apache mpm_itk <IfModule mpm_itk_module> AssignUserId web53 client1 </IfModule> <IfModule mod_dav_fs.c> # Do not execute PHP files in webdav directory <Directory /var/www/clients/client1/web53/webdav> <ifModule mod_security2.c> SecRuleRemoveById 960015 SecRuleRemoveById 960032 </ifModule> <FilesMatch "\.ph(p3?|tml)$"> SetHandler None </FilesMatch> </Directory> DavLockDB /var/www/clients/client1/web53/tmp/DavLock # DO NOT REMOVE THE COMMENTS! # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE! # WEBDAV BEGIN # WEBDAV END </IfModule> DocumentRoot /var/www/clients/client1/web53/web/project/public </VirtualHost> <VirtualHost *:443> DocumentRoot /var/www/clients/client1/web53/web ServerName mydomain.com ServerAlias *.mydomain.com ServerAdmin [email protected] <IfModule mod_http2.c> Protocols h2 http/1.1 </IfModule> <IfModule mod_brotli.c> AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript application/x-javascript application/javascript application/xml application/xml+rss application/atom+xml application/json application/x-font-ttf application/vnd.ms-fontobject image/x-icon </IfModule> ErrorLog /var/log/ispconfig/httpd/mydomain.com/error.log Alias /error/ "/var/www/mydomain.com/web/error/" ErrorDocument 400 /error/400.html ErrorDocument 401 /error/401.html ErrorDocument 403 /error/403.html ErrorDocument 404 /error/404.html ErrorDocument 405 /error/405.html ErrorDocument 500 /error/500.html ErrorDocument 502 /error/502.html ErrorDocument 503 /error/503.html <IfModule mod_ssl.c> SSLEngine on SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 # SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS SSLHonorCipherOrder on # <IfModule mod_headers.c> # Header always add Strict-Transport-Security "max-age=15768000" # </IfModule> SSLCertificateFile /var/www/clients/client1/web53/ssl/mydomain.com-le.crt SSLCertificateKeyFile /var/www/clients/client1/web53/ssl/mydomain.com-le.key SSLUseStapling on SSLStaplingResponderTimeout 5 SSLStaplingReturnResponderErrors off </IfModule> <Directory /var/www/mydomain.com/web> # Clear PHP settings of this website <FilesMatch ".+\.ph(p[345]?|t|tml)$"> SetHandler None </FilesMatch> Options +SymlinksIfOwnerMatch AllowOverride All Require all granted </Directory> <Directory /var/www/clients/client1/web53/web> # Clear PHP settings of this website <FilesMatch ".+\.ph(p[345]?|t|tml)$"> SetHandler None </FilesMatch> Options +SymlinksIfOwnerMatch AllowOverride All Require all granted </Directory> # suexec enabled <IfModule mod_suexec.c> SuexecUserGroup web53 client1 </IfModule> <IfModule mod_fastcgi.c> <Directory /var/www/clients/client1/web53/cgi-bin> Require all granted </Directory> <Directory /var/www/mydomain.com/web> <FilesMatch "\.php[345]?$"> <If "-f '%{REQUEST_FILENAME}'"> SetHandler php-fcgi </If> </FilesMatch> </Directory> <Directory /var/www/clients/client1/web53/web> <FilesMatch "\.php[345]?$"> <If "-f '%{REQUEST_FILENAME}'"> SetHandler php-fcgi </If> </FilesMatch> </Directory> Action php-fcgi /php-fcgi virtual Alias /php-fcgi /var/www/clients/client1/web53/cgi-bin/php-fcgi-*-443-mydomain.com FastCgiExternalServer /var/www/clients/client1/web53/cgi-bin/php-fcgi-*-443-mydomain.com -idle-timeout 300 -socket /var/lib/web53.sock -pass-header Authorization -pass-header Content-Type </IfModule> <IfModule mod_proxy_fcgi.c> <IfVersion >= 2.4.26> ProxyFCGISetEnvIf "true" DOCUMENT_ROOT "/web" ProxyFCGISetEnvIf "true" CONTEXT_DOCUMENT_ROOT "%{reqenv:DOCUMENT_ROOT}" ProxyFCGISetEnvIf "true" HOME "%{reqenv:DOCUMENT_ROOT}" ProxyFCGISetEnvIf "true" SCRIPT_FILENAME "%{reqenv:DOCUMENT_ROOT}%{reqenv:SCRIPT_NAME}" </IfVersion> #ProxyPassMatch ^/(.*\.php[345]?(/.*)?)$ unix:///var/lib/web53.sock|fcgi://localhost//var/www/clients/client1/web53/web/$1 <Directory /var/www/clients/client1/web53/web> <FilesMatch "\.php[345]?$"> <If "-f '%{REQUEST_FILENAME}'"> SetHandler "proxy:unix:/var/lib/web53.sock|fcgi://localhost" </If> </FilesMatch> </Directory> </IfModule> # add support for apache mpm_itk <IfModule mpm_itk_module> AssignUserId web53 client1 </IfModule> <IfModule mod_dav_fs.c> # Do not execute PHP files in webdav directory <Directory /var/www/clients/client1/web53/webdav> <ifModule mod_security2.c> SecRuleRemoveById 960015 SecRuleRemoveById 960032 </ifModule> <FilesMatch "\.ph(p3?|tml)$"> SetHandler None </FilesMatch> </Directory> DavLockDB /var/www/clients/client1/web53/tmp/DavLock # DO NOT REMOVE THE COMMENTS! # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE! # WEBDAV BEGIN # WEBDAV END </IfModule> DocumentRoot /var/www/clients/client1/web53/web/project/public </VirtualHost> <IfModule mod_ssl.c> SSLStaplingCache shmcb:/var/run/ocsp(128000) </IfModule> Thanks for helping with this issue.
Expand: And Here is the Test Report if it helps... Code: ##### SERVER ##### IP-address (as per hostname): ***.***.***.*** [WARN] could not determine server's ip address by ifconfig [INFO] OS version is Ubuntu 20.04.5 LTS [INFO] uptime: 01:11:27 up 1 day, 29 min, 6 users, load average: 0.18, 0.04, 0.02 [INFO] memory: total used free shared buff/cache available Mem: 3.8Gi 1.9Gi 924Mi 30Mi 1.0Gi 1.8Gi Swap: 1.9Gi 71Mi 1.8Gi [INFO] systemd failed services status: UNIT LOAD ACTIVE SUB DESCRIPTION 0 loaded units listed. [INFO] ISPConfig is installed. ##### ISPCONFIG ##### ISPConfig version is 3.2.8p2 ##### VERSION CHECK ##### [INFO] php (cli) version is 7.4.32 [INFO] php-cgi (used for cgi php in default vhost!) is version 7.4.32 ##### PORT CHECK ##### [WARN] Port 8081 (ISPConfig Apps) seems NOT to be listening [WARN] Port 21 (FTP server) seems NOT to be listening ##### MAIL SERVER CHECK ##### ##### RUNNING SERVER PROCESSES ##### [INFO] I found the following web server(s): Apache 2 (PID 98369) [INFO] I found the following mail server(s): Postfix (PID 3162) [INFO] I found the following pop3 server(s): Dovecot (PID 1533) [INFO] I found the following imap server(s): Dovecot (PID 1533) [WARN] I could not determine which ftp server is running. ##### LISTENING PORTS ##### (only () Local (Address) [anywhere]:22 (1618/sshd:) [anywhere]:25 (3162/master) [anywhere]:110 (1533/dovecot) [anywhere]:111 (1/init) [anywhere]:143 (1533/dovecot) ***.***.***.***:53 (680/systemd-resolve) [localhost]:3306 (1691/mysqld) [anywhere]:465 (3162/master) [localhost]:10024 (13381/amavisd-new) [localhost]:10025 (3162/master) [localhost]:10026 (13381/amavisd-new) [localhost]:10027 (3162/master) [localhost]:10023 (1743/postgrey) ***.***.***.***:53 (1540/named) [anywhere]:587 (3162/master) [anywhere]:995 (1533/dovecot) [anywhere]:993 (1533/dovecot) [localhost]:53 (1540/named) [localhost]:953 (1540/named) [localhost]:11211 (1539/memcached) *:*:*:*::*:22 (1618/sshd:) *:*:*:*::*:25 (3162/master) *:*:*:*::*:80 (98369/apache2) [localhost]10 (1533/dovecot) [localhost]11 (1/init) [localhost]43 (1533/dovecot) *:*:*:*::*:10023 (1743/postgrey) *:*:*:*::*:10024 (13381/amavisd-new) *:*:*:*::*:10026 (13381/amavisd-new) *:*:*:*::*:443 (98369/apache2) *:*:*:*::*:465 (3162/master) *:*:*:*::*:587 (3162/master) *:*:*:*::*:995 (1533/dovecot) *:*:*:*::*:993 (1533/dovecot) *:*:*:*::*:953 (1540/named) *:*:*:*::*:53 (1540/named) *:*:*:*::*:8080 (98369/apache2) ##### IPTABLES ##### Chain INPUT (policy DROP) target prot opt source destination f2b-apache-404 tcp -- [anywhere]/0 [anywhere]/0 multiport dports 80,443 f2b-postfix tcp -- [anywhere]/0 [anywhere]/0 multiport dports 25,465,587,143,993,110,995 f2b-sshd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 22 f2b-roundcube-auth tcp -- [anywhere]/0 [anywhere]/0 multiport dports 80,443 ufw-before-logging-input all -- [anywhere]/0 [anywhere]/0 ufw-before-input all -- [anywhere]/0 [anywhere]/0 ufw-after-input all -- [anywhere]/0 [anywhere]/0 ufw-after-logging-input all -- [anywhere]/0 [anywhere]/0 ufw-reject-input all -- [anywhere]/0 [anywhere]/0 ufw-track-input all -- [anywhere]/0 [anywhere]/0 Chain FORWARD (policy DROP) target prot opt source destination ufw-before-logging-forward all -- [anywhere]/0 [anywhere]/0 ufw-before-forward all -- [anywhere]/0 [anywhere]/0 ufw-after-forward all -- [anywhere]/0 [anywhere]/0 ufw-after-logging-forward all -- [anywhere]/0 [anywhere]/0 ufw-reject-forward all -- [anywhere]/0 [anywhere]/0 ufw-track-forward all -- [anywhere]/0 [anywhere]/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination ufw-before-logging-output all -- [anywhere]/0 [anywhere]/0 ufw-before-output all -- [anywhere]/0 [anywhere]/0 ufw-after-output all -- [anywhere]/0 [anywhere]/0 ufw-after-logging-output all -- [anywhere]/0 [anywhere]/0 ufw-reject-output all -- [anywhere]/0 [anywhere]/0 ufw-track-output all -- [anywhere]/0 [anywhere]/0 Chain f2b-apache-404 (1 references) target prot opt source destination REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable RETURN all -- [anywhere]/0 [anywhere]/0 Chain f2b-postfix (1 references) target prot opt source destination REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable RETURN all -- [anywhere]/0 [anywhere]/0 Chain f2b-roundcube-auth (1 references) target prot opt source destination REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable RETURN all -- [anywhere]/0 [anywhere]/0 Chain f2b-sshd (1 references) target prot opt source destination REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable RETURN all -- [anywhere]/0 [anywhere]/0 Chain ufw-after-forward (1 references) target prot opt source destination Chain ufw-after-input (1 references) target prot opt source destination ufw-skip-to-policy-input udp -- [anywhere]/0 [anywhere]/0 udp dpt:137 ufw-skip-to-policy-input udp -- [anywhere]/0 [anywhere]/0 udp dpt:138 ufw-skip-to-policy-input tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:139 ufw-skip-to-policy-input tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:445 ufw-skip-to-policy-input udp -- [anywhere]/0 [anywhere]/0 udp dpt:67 ufw-skip-to-policy-input udp -- [anywhere]/0 [anywhere]/0 udp dpt:68 ufw-skip-to-policy-input all -- [anywhere]/0 [anywhere]/0 ADDRTYPE match dst-type BROADCAST Chain ufw-after-logging-forward (1 references) target prot opt source destination LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] " Chain ufw-after-logging-input (1 references) target prot opt source destination LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] " Chain ufw-after-logging-output (1 references) target prot opt source destination Chain ufw-after-output (1 references) target prot opt source destination Chain ufw-before-forward (1 references) target prot opt source destination ACCEPT all -- [anywhere]/0 [anywhere]/0 ctstate RELATED,ESTABLISHED ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 3 ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 11 ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 12 ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 8 ufw-user-forward all -- [anywhere]/0 [anywhere]/0 Chain ufw-before-input (1 references) target prot opt source destination ACCEPT all -- [anywhere]/0 [anywhere]/0 ACCEPT all -- [anywhere]/0 [anywhere]/0 ctstate RELATED,ESTABLISHED ufw-logging-deny all -- [anywhere]/0 [anywhere]/0 ctstate INVALID DROP all -- [anywhere]/0 [anywhere]/0 ctstate INVALID ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 3 ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 11 ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 12 ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 8 ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp spt:67 dpt:68 ufw-not-local all -- [anywhere]/0 [anywhere]/0 ACCEPT udp -- [anywhere]/0 ***.***.***.*** udp dpt:5353 ACCEPT udp -- [anywhere]/0 ***.***.***.*** udp dpt:1900 ufw-user-input all -- [anywhere]/0 [anywhere]/0 Chain ufw-before-logging-forward (1 references) target prot opt source destination Chain ufw-before-logging-input (1 references) target prot opt source destination Chain ufw-before-logging-output (1 references) target prot opt source destination Chain ufw-before-output (1 references) target prot opt source destination ACCEPT all -- [anywhere]/0 [anywhere]/0 ACCEPT all -- [anywhere]/0 [anywhere]/0 ctstate RELATED,ESTABLISHED ufw-user-output all -- [anywhere]/0 [anywhere]/0 Chain ufw-logging-allow (0 references) target prot opt source destination LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] " Chain ufw-logging-deny (2 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 ctstate INVALID limit: avg 3/min burst 10 LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] " Chain ufw-not-local (1 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 ADDRTYPE match dst-type LOCAL RETURN all -- [anywhere]/0 [anywhere]/0 ADDRTYPE match dst-type MULTICAST RETURN all -- [anywhere]/0 [anywhere]/0 ADDRTYPE match dst-type BROADCAST ufw-logging-deny all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 10 DROP all -- [anywhere]/0 [anywhere]/0 Chain ufw-reject-forward (1 references) target prot opt source destination Chain ufw-reject-input (1 references) target prot opt source destination Chain ufw-reject-output (1 references) target prot opt source destination Chain ufw-skip-to-policy-forward (0 references) target prot opt source destination DROP all -- [anywhere]/0 [anywhere]/0 Chain ufw-skip-to-policy-input (7 references) target prot opt source destination DROP all -- [anywhere]/0 [anywhere]/0 Chain ufw-skip-to-policy-output (0 references) target prot opt source destination ACCEPT all -- [anywhere]/0 [anywhere]/0 Chain ufw-track-forward (1 references) target prot opt source destination Chain ufw-track-input (1 references) target prot opt source destination Chain ufw-track-output (1 references) target prot opt source destination ACCEPT tcp -- [anywhere]/0 [anywhere]/0 ctstate NEW ACCEPT udp -- [anywhere]/0 [anywhere]/0 ctstate NEW Chain ufw-user-forward (1 references) target prot opt source destination Chain ufw-user-input (1 references) target prot opt source destination ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:22 ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:25 ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:53 ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:80 ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:443 ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:587 ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:993 ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:8080 ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:53 Chain ufw-user-limit (0 references) target prot opt source destination LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] " REJECT all -- [anywhere]/0 [anywhere]/0 reject-with icmp-port-unreachable Chain ufw-user-limit-accept (0 references) target prot opt source destination ACCEPT all -- [anywhere]/0 [anywhere]/0 Chain ufw-user-logging-forward (0 references) target prot opt source destination Chain ufw-user-logging-input (0 references) target prot opt source destination Chain ufw-user-logging-output (0 references) target prot opt source destination Chain ufw-user-output (1 references) target prot opt source destination ##### LET'S ENCRYPT ##### Certbot is installed in /usr/bin/letsencrypt
Folks, Good day. Any idea regarding this issue? I even build another server with standard Ubuntu + Apache + PHP (without IPSConfig) to test it. It worked without problem, so, definitely it's something specific to the ISPConfig install I have. Issue is that I don't know much more where to look. Appreciate if you guys can shine some light on it. Thanks a lot.
HI @till Good day. Thanks for the quick reply. It worked! Thanks a bunch. If it's not too much of a trouble, can you give me a little bit more info of what does that option do and why it works when it's disabled? Thank you very much.
This option enforces php-fpm to run in a chroot, but this will most likely work only in case you don't alter the DocumentRoot.
Thanks a lot for the Information and for the work you and the team do. I'm a proud supporter of this group.