Updating ispconfig 3 apache configuration (2.4)

Discussion in 'Installation/Configuration' started by Chioc76, Aug 14, 2014.

  1. Chioc76

    Chioc76 New Member

    Hi everyone!
    First of all I must tell you what a great work the people from ispconfig are doing.
    And the “perfect server” howtos are awesome.

    Well, to the point:
    I recently upgraded a test server fom Ubuntu 12.04 (Server LTS) to Ubuntu 14.04 (Server LTS) and I ran in to a lot of problems, wich I mostly solved, but there is still the issue with updating all the scripts to Apache 2.4 compatible ones so I can dissable the “compat” module.

    As many before me I could not access the control panel, but with some debugging I managed to get access to it.
    To make it more readable I will try to make a list of the current sistuation.

    All the services are running, with a little help from the http://www.howtoforge.com/perfect-server-ubuntu-14.04-apache2-php-mysql-pureftpd-bind-dovecot-ispconfig-3 guide and a lot of debugging I managed to get the mailserver running again and most other services so also the apache in compat mode.

    I can access the Ispconfig control panel and all of my sites are working, but they are working with the “compat” module and using the old auth config style.
    Now, I get a little confused, since in the “apt-listchanges” mail I get after upgrade

    This means a lot of manual labour, and there is a script to help you with this, but I was better of by using the backup /etc/apache2/sites-* files to get things working.

    Now, the problems are the following.
    When I change the configuration of a site, it updates it to the new “Require All Granted” syntax, and I get the “access_compat:error **** AH01797: client denied by server configuration:” error.
    The same happens when I create a new site.
    Most of the theads in this and other forums puts focus on getting it running, but I want to keep my installation and make it wor without the mod_compat mode..

    So these are my questions:
    Is there any real upgrade guide for this? Not only running “php -q update.php” but a guide thats really tells you what is going on so that ISPconfig can manage the sites as it should.
    Is it possible? According to the upgrade documentation from ubuntu all the vhost files must be named *.conf and then be included by a2ensite *.conf, Ispconfig names the symlinks in /etc/apache2/sites-enabled to [domain].[tld].vhost. Will this work outside the compat mode? I suppose so since there must be thousands of sites running this configuration.
    I understand that there must be a conflict in the configurations, I suppose that we can not mix the “allow, deny” syntax with the “require”. But it seems strange, is it possible to use the “require” syntax in the main configuration files and the “allow deny” in some vhost? Why is there else a compat mode?
    Well, I understand that this are not some simple questions, but I think that there are many uot there searshing for the same answers..

    Ps. I am currently reding the apache documentation on access control and upgrading.
    But there is nothing about the .conf in this documents, ut will it work in a Ubuntu envirement or is this compiled in the binary?
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The update procedure is like this:

    1) Update the Ubuntu os.
    2) Update ispconfig and choose to reconfigure services.
    3) login to ispconfig, go to tools > resync and let ispconfig refresh the vhost files.
    4) If you use any manual apache config settings, then you have to convert them now.

    The things that you read about conf vs .vhost files does not apply to servers that run ispconfig, so you dont have to care about that. Dont try to rename any vhost config files as this will break your setup.

    The apache compat mode is broken by design as you cant mix old and new syntax, thats a general apache problem and not ispconfig specific. E.g. when you specify a deny in old syntax for / then you cant override it with an allow in new syntax. And thats most likely your current problem, I guess you have somewhere old syntax in apache2.conf file if you did not choose to replace it with a new file during ubuntu update. Compat mode means just that you can only use the old syntax but you cant mix that. Thats why you have to convert all sites by using ispconfig resync. If your apache2.conf file has not been updated by ubuntu e.g. because you kept the old file during update, then you have to change this fie manually as it is not controlled by ispconfig.
  3. Chioc76

    Chioc76 New Member

    Hi Till and thanks for your reply..
    Well, this is basicly what i had in mind, but I was not aware of tre resync.
    I have searched a lot, but noware have I read of this featue.

    Yes, I noticed.
    I ran the script that Ubuntu provided.
    Nothing worked after that :cool:

    Well, I did not get that option, the upgrade crached my machine..
    I had about 3 or 4 hours solving the problems and just making the machine bootable again.

    I am not a big fan of Ubuntu normally, this is an experimental server before I upgrade my production server...
    I am more used to Arch and Slackware...
    But Ispconfig recommended Ubuntu, and it is fast to set up..

    Yes, it is then what I suspected..
    Well thanks again for your assistance, I'll tru this tomorrow and I hope it helps someone else..
    I was most concerned about the .conf stuff before I started to make the manual update of the files..
    Well, thanks again.
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    what you can try to do is this:

    remove all fsymlinks in sites-enabled that start with 100-* and 900-* and restart apache. this disables all sites. then get apache to work so you can login to ispconfig and use the resync feature. this will write new config files in sites-available and activate the sites by creating a new symlink as well.
  5. Chioc76

    Chioc76 New Member

    Hi again, can I set this to "solved" somehow?

Share This Page