400 Bad Request - The Perfekt Server - ISPConfig3 - Ubuntu10.04
After following tutorial The Perfect Server - ISPConfig3 - Ubuntu10.04 I tried to test the ControlPanel by typing http://myipaddress:8080 as suggested.This command from the tutorial was entered: http://192.168.0.100:8080/ (with my own IP of course)
This is what appears on the screen:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<title>400 Bad Request</title>
<p>Your browser sent a request that this server could not understand.<br />
Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />
Instead use the HTTPS scheme to access this URL, please.<br />
<blockquote>Hint: <a href="https://webserver1.mydomain.tld:8080/"><b>https://mydomain.tld.dk:8080/</b></a></blockquote></p>
Accessing PhpMyAdmin went a lot better! This works just fine.
In the end of the installation of ISPConfig3 there was a question regarding SSL and secure something.. There was no example of what to answer in the tutorial so I just choosed the default answer. Is this where I got it wrong?
Please help me - looking forward to your response
Please use HTTPS.
http or https - the usual way? + "This Connection is Untrusted"
Thanks a lot for your response :)
Will you please specify why this is? I really want to understand this. Below I have inserted some of the warnings that was shown when I entered the site using "https". The reason I an sking is because the example in the tutorial was "http". I get that this is a secure connection, but did I choose anything "wrong" during the setup? Or is it because there are more than one way to do it? As mentioned earlier on, there was a few question regarding, not the private key 'smtpd.key, but another key where the same info has to be filled in. I do not remember the name of that key. rsa something??? I am not sure. But it was right after filling in info for the private key 'smtpd.key.
This Connection is Untrusted
You have asked Firefox to connect
securely to 192.168.1.200:8080, but we can't confirm that your connection is secure.
and after accepting this all kind of warnings regarding missing certificate, Using the "view certificate" option, I saw information entered by myself and therefore this is ok I guess... But did I choose something wrong in the setup? Is "https" to usual way to enter the ISPConfig3 controlpanel i wonder???
Again, thank you for helping - This is a great forum and I am looking forward using your services and software ;)
You haven't done anything wrong. The certificates created by ISPConfig are not signed by a certified Certificate Authority (CA). There are certain organizations who are approved to sign certificates, approved by the man... If you don't have a CA signed certificate, getting the warning is normal.
Check out the tutorial here to get an authorized CA certificate: http://www.howtoforge.com/securing-y...-from-startssl.
It works! This is the default web page for this server. NOT on the outside!?!
Thanks for your response. Now I get it! As a matter of fact I once had a certificate from Verisign (I think that was their name) to a little thing I made for windows back in the days ;)
And, thanks for the link, I will read it carefully and do just that!
But, being nice and clever at the same time costs :D So will you please look at this too?
The webserver runs in the local network. Doing this: 192.168.1.200 results in this:
This is the default web page for this server.
The web server software is running but no content has been added, yet.
Doing this: 192.168.1.200/webmail results in this:
SquirrelMail version 1.4.22
By the SquirrelMail Project Team
So, it runs locally - but I just can't get it to work from the outside. I've posted another thread in here regarding this, but maybe it is badly written since I've heard nothing yet. I think that is the case. :confused:
Domain works on outside nameserver, nameserver has A-record --> mystaticip --> router/firewall --> portforwarding 21, 22, 25, 53, 80, 110 and 8080(ispconfig) --> myserverip. I can reach ISPConfig from the outside doing a https on port 8080 but I can't reach the websites, not even the default website that works locally as shown above!?! I tried every combination to reach the websites: mystaticip, mystaticip:80, mydomain mydomain:80 I just keep getting the router/admin part! Can't reach the SqirrelMail webmail from the outside either, tried mystaticip/webmail, mystaticip:8081(from sqirrelmail/faq) mystaticip:8081/webmail etc. etc. All with both http/https! To me, being the novice that I am, it looks like the "catching-the-domain-client/user-and-direct-to-website" directory/docs doesn't work. In the old days I had a company hosting websites etc. But back the we had a ip-number for each website, and therefor it was pretty easy to setup. Just point it in the right direction in the nameserver A-record. Now I can't figure out how it works, and therefore my troubleshooting sucks! My other rather bad thread is this:
In this thread I found 1 error which has been fix'ed but it didn't change anything:
I just don't understand how it works. The missing link I call it: "Joe types www.mydomain.tld" --> nameserver --> mystaticip --> router/firewall --> portforwards 80 --> myserverip [missing link] --> mydomain/client /var/www/clients/client3/web1/web/
I totally get it if nobody can fix this - I tried for days now :confused:
But I am looking so much forward to any kind of response after 2 hours and 21 minutes of trying to explain somthing I don't get!
I'm gonna make this quick, b/c I don't believe I'm going to try to answer your original question, b/c I don't understand IP and port forwarding at this time, so I'm not going to go down that road.
I have an old AMD server that I installed ISPConfig 3 on, and I left it DHCP. If you want to be seen by the outside world, I suggest you do the same. I don't run the server behind any firewall at all. I'm not recommending this to anyone, I am just telling you this, b/c I know it works and I don't want to deal with router problems. What I recommend is that you use DHCP, since you have a single server setup and everything is installed on that one server.
There is a company http://www.dnsexit.com/, that provides a DynamicDNS client, and I use this on one of my own home servers. Their service is free, and I give them kudos for that. They are a nice company. Here is a link to tell you about their DynamicDNS service: http://www.dnsexit.com/Direct.sv?cmd=3
If you want to reinstall everything, you can do an "ifconfig" after the initial install to find the IP provided by your ISP. This is the IP to use with dnsexit.com for the initial IP. Install the client, and when your IP changes, dnsexit.com will be updated with your new IP.
If you don't want to reinstall everything, change your /etc/network/interfaces and /etc/hosts back to DHCP.
Keep in mind that for every secure site you want to run on your server, you will need a unique IP to run it on. This can be an issue if you only have one IP and don't fully understand IP forwarding.
I hope this helps... Please let me know, if I can help further...
Reainstalling the server.
Thanks for all the answers. I decided to reinstall the server using all the great help/ideas I received in here. I also downloades Falkos manual, 1 day before the new one came, but anyway, I now am looking forward to the result. My new domain is ip and running, my nameserver has been approved by the danish top domain provider. I am having a little problem "redirecting" (change primary nameserver) for the domain used as nameserver because it is hosting itself. The danish top domain provider won't allow me to "redirect" (chance nameserver) because the nameserver does not exist. But, the nameservers is approved by themself and can be seen as approved on their own website. I guess this is because of the egg<>hen problem. I did inform them and I did set it up the correct way with a glue-record. I guess this is why the nameserver got approved of. Well, I will just have to wait and call them again requesting some support regarding this matter.
I am not sure, but is it possible to get some support directly by somebody in here? I believe to have seen something about that. It will godt, I know, but I really have to be up and running soon. I have an approved nameserver and all that.
Now I reinstall the server using the manual, and them we will see.
Any kind of input would be great.
Forgot to tell you this:
New fast internet line only for this project
All ports opened in router --> server ip number
Primary nameserver --> ns1.mydomain.tld (approved by danish top level domain provider, is this the right english word?)
Secondary nameserver --> ns2.somedanishdomainservice.tld
Ubuntu Server 10.04
ISPconfig3 - Single server setup (own primary nameserver, as mentioned above)
Tutorial: The Perfect Server - ISPConfig3 - Ubuntu Server 10.04
And: Downloaded manual for ISPConfig3 by Falko Timme
I have been thinking about some of the advices I have been given in here. I've been told that "dovecot" was to prefer from "courier" and to use MyDNS instead of BIND. But I can't find a tutorial with these and ubuntu 10.04 together. I have seached ISPConfig/documentation and on howtoforge too. I found one but this would mean I had to switch to ubuntu 12.04 or 12.10. I am not qualified to modify these torials myself. Therefore I am sticking to this tutorial and following it to the letter. To have a chance of making it work. This is the third time I am reinstall the server and I need it to work on tuesday. I need a webserver up and running with php and perl. And my nameserver, now an public nameserver, need to answer on tuesday too.
I am not sure, but I think I read somewhere, that it is possible to get some help online, directly from some off the express? Just can't remember who and where I saw it.
The reinstallation will be done this evening. I've been working through the night but I still have some reading to do before I press on with the ISPConfig3 installation.
So, if anyone knows who and where to go for some direct/online "ISPConfig3" help on this installation. Please don't hesitate to call out.
Sorry if there is some "funny" words here and there, I am writing from my smartphone with danish spellchecking :)
Looking so much forward to hear from you.
Please correct me if I'm wrong, but it sounds like you want to use this single server to host websites AND resolve domains. The problem that your service provider has is that they wan the name server separate from your hosting domain. The only way I know how to do this is to have two servers. One could be virtual, but you're going to need another IP. That means you would have to install something like OpenVZ on your system. If I am wrong, please provide more information.
As far as mail services, I don't know enough about them to recommend one over the other. I run Courier. I'm sure there are plenty of smart people reading this post who would be better qualified to reply to this question.
Reainstalling the server and reading 373pages manual. ( no nead to read this now :)
Of course! Don't panic, I won't be finished reading the manual and reinstalling the server before late. I am just happy that you will take the time to help :) Let's "talk" later :o
|All times are GMT +2. The time now is 19:04.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.