#1  
Old 18th December 2009, 19:35
gjaouen gjaouen is offline
Junior Member
 
Join Date: Dec 2009
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default ISP 3.0.1.6 / Centos 5.4

Hi,

I've follow the howto from this website in order to try ispconfig 3 on centos 5.4 server.

This server run a backuppc service an need apache to run under backuppc user account and not apache user account. I change apache user link in the howto by my backuppc user.

Everything went well until I have to log on into the control panel of ispconfig...

When I enter the adress of the control panel, I get this error :

Forbiden

You don't have permission to access / on this server.

This is the output from apache2 error log :

#
[Fri Dec 18 18:53:33 2009] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
#
[Fri Dec 18 18:53:33 2009] [notice] Digest: generating secret for digest authentication ...
#
[Fri Dec 18 18:53:33 2009] [notice] Digest: done
#
[Fri Dec 18 18:53:33 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
#
[Fri Dec 18 18:53:51 2009] [error] [client 127.0.0.1] (13)Permission denied: access to / denied
#
[Fri Dec 18 18:53:56 2009] [error] [client 127.0.0.1] Directory index forbidden by Options directive: /var/www/html/
#
[Fri Dec 18 18:59:55 2009] [error] [client 127.0.0.1] (13)Permission denied: access to / denied
#
[Fri Dec 18 18:59:56 2009] [error] [client 127.0.0.1] (13)Permission denied: access to / denied
#
[Fri Dec 18 18:59:58 2009] [error] [client 127.0.0.1] (13)Permission denied: access to / denied

Apache2 only display 2 warnings about virtual hosts *:80 and *:443 but restart normaly.

How can I fix this error ?

Thank you,

Guillaume.
Reply With Quote
Sponsored Links
  #2  
Old 18th December 2009, 19:38
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,202
Thanks: 829
Thanked 5,420 Times in 4,262 Posts
Default

post the output of:

netstat -tap

make sure that you connect to ispconfig on port 8080. If you selcted a different port like 443 or 80 for ispconfig durig setup, the controlpanel will not be reachable as these ports are in use already.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 4th January 2010, 11:36
gjaouen gjaouen is offline
Junior Member
 
Join Date: Dec 2009
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default output of netstat

Hello and happy new year ;o)

This is the output of netstat -tap on the server :

[root@servrlc ~]# netstat -tap
Connexions Internet actives (serveurs et tablies)
Proto Recv-Q Send-Q Local Address Foreign Address Stat e PID/Program name
tcp 0 0 localhost.localdomain:2208 *:* LIST EN 2498/hpiod
tcp 0 0 *:nfs *:* LIST EN -
tcp 0 0 *:swat *:* LIST EN 2539/xinetd
tcp 0 0 localhost.localdomain:10024 *:* LIST EN 2801/amavisd (maste
tcp 0 0 localhost.localdomain:10025 *:* LIST EN 2884/master
tcp 0 0 *:mysql *:* LIST EN 2710/mysqld
tcp 0 0 *:746 *:* LIST EN 2260/rpc.statd
tcp 0 0 *:netbios-ssn *:* LIST EN 3006/smbd
tcp 0 0 *:5900 *:* LIST EN 3530/vino-server
tcp 0 0 localhost.local:dyna-access *:* LIST EN 2626/clamd
tcp 0 0 *:sunrpc *:* LIST EN 2225/portmap
tcp 0 0 *:ftp *:* LIST EN 2920/pure-ftpd (SER
tcp 0 0 servrlc.rlconsultant:domain *:* LIST EN 2206/named
tcp 0 0 localhost.localdomai:domain *:* LIST EN 2206/named
tcp 0 0 localhost.localdomain:ipp *:* LIST EN 2525/cupsd
tcp 0 0 *:asf-secure-rmcp *:* LIST EN 2605/rpc.mountd
tcp 0 0 *:smtp *:* LIST EN 2884/master
tcp 0 0 servrlc.rlconsultant.f:rndc *:* LIST EN 2206/named
tcp 0 0 localhost.localdomain:rndc *:* LIST EN 2206/named
tcp 0 0 *:ginad *:* LIST EN 2573/rpc.rquotad
tcp 0 0 *:52252 *:* LIST EN -
tcp 0 0 *:microsoft-ds *:* LIST EN 3006/smbd
tcp 0 0 localhost.localdomain:2207 *:* LIST EN 2503/python
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:56838 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:57350 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:58122 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:46864 CLOS E_WAIT -
tcp 0 0 servrlc.rlconsultant.:49803 ww-in-f101.1e100.net:http ESTA BLISHED 4268/firefox
tcp 0 0 servrlc.rlconsu:netbios-ssn 192.168.0.24:37372 ESTA BLISHED 3628/smbd
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:56620 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:45620 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:56629 CLOS E_WAIT -
tcp 0 0 servrlc.rlconsu:netbios-ssn 192.168.0.36:dvt-system ESTA BLISHED 3338/smbd
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:53059 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:49993 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:39756 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:37977 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:52573 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:48740 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:45682 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:51833 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:50042 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:51836 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:58237 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:39549 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:39552 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:54656 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:43909 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:47248 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:47253 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:35739 CLOS E_WAIT -
tcp 0 0 servrlc.rlconsultant.:45040 74.125.8.92:http ESTA BLISHED 4268/firefox
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:60880 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:59610 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:39643 CLOS E_WAIT -
tcp 0 0 servrlc.rlconsu:netbios-ssn 192.168.0.28:53000 ESTA BLISHED 6653/smbd
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:56046 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:34037 CLOS E_WAIT -
tcp 1 0 localhost.localdomain:smtp localhost.localdomain:59895 CLOS E_WAIT -
tcp 0 0 servrlc.rlconsu:netbios-ssn 192.168.0.27:wfremotertm ESTA BLISHED 15932/smbd
tcp 0 12 servrlc.rlconsu:netbios-ssn 192.168.0.23:iad2 ESTA BLISHED 9764/smbd
tcp 0 0 *:webcache *:* LIST EN 2908/httpd
tcp 0 0 *:http *:* LIST EN 2908/httpd
tcp 0 0 *:ftp *:* LIST EN 2920/pure-ftpd (SER
tcp 0 0 *:ssh *:* LIST EN 2516/sshd
tcp 0 148 servrlc.rlconsultant.fr:ssh ::ffff:192.168.0.24:11348 ESTA BLISHED 15972/2
Reply With Quote
  #4  
Old 4th January 2010, 14:51
gjaouen gjaouen is offline
Junior Member
 
Join Date: Dec 2009
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi again,

I fix apache server to apache:apache and ispconfig start working fine.

As backuppc use a non standard account for the web interface, I'll investigate in order to change these settings and keep apache running with a standard http.conf profil for user and group id.

Thank you,

Guillaume JAOUEN.
Reply With Quote
  #5  
Old 8th January 2010, 13:22
gjaouen gjaouen is offline
Junior Member
 
Join Date: Dec 2009
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default New problems....

Hi again,

I'm going further into ispconfig3.0.1.6 testing with centos5.4 and meet new problems.

Until now it seems that mail are working correctly.

I try to setup multiple web site, so I create DNS entry for each of them with neccessary records.

My problem is that apache seem to not redirect correctly the web browser to the correct website root.

For example this is a configuration type (I use the same for all sites, just changing option as php or suexec on some of them) :

DNS Zone settings :

Server : servrlc.rlconsultant.fr
Client : cabinetrlc
Zone (SOA) : audit-tourisme.com.
NS : ns1.audit-tourisme.com.
Email : webmaster.audit-tourisme.com.
next is setup with default values.

DNS records settings :

A 192.168.0.200 0
A ftp 192.168.0.200 0
A mail 192.168.0.200 0
A ns1 192.168.0.200 0
A www 192.168.0.200 0
MX audit-tourisme.com. mail.audit-tourisme.com. 10
NS audit-tourisme.com. ns1.audit-tourisme.com. 0

Sites settings :

Web Domain :

Server : servrlc.rlconsultant.fr
Client : cabinetrlc
IP-Address : 192.168.0.200
Domain : audit-tourisme.com
Harddisk Quota : -1 MB
CGI : Disabled
SSI : Disabled
SuEXEC : Disabled
Own Error-Documents : Enabled
Auto-Subdomain : None
SSL : Disabled
PHP : Disable
Active : Enabled
Redirect type : No redirect
Redirect Path : (empty field)
SSL fileds all empty
Stats filed empty
Linux User web13
Linux Group client1
Apache directives : (empty field)

I add ftp accounts for updating web sites root content, all is working fine with pure-ftpd, and I can upload content in web repository.

this is some linux output commands to check the filesystem settings :

ls -la /var/www/
total 72
drwxr-xr-x 9 root root 4096 jan 7 17:32 .
drwxr-xr-x 29 root root 4096 dc 18 15:52 ..
...
lrwxrwxrwx 1 root root 31 jan 7 16:07 audit-tourisme.com -> /var/www/clients/client1/web13/

ls -la /var/www/audit-tourisme.com/web/
total 528
drwx--x--- 68 web13 client1 4096 jan 8 10:28 .
drwxr-x--x 6 web13 client1 4096 jan 7 16:07 ..
-rw-r--r-- 1 web13 client1 648 jan 8 10:27 anfy.class
drwxr-xr-x 3 web13 client1 4096 jan 8 10:28 audits
drwxr-xr-x 4 web13 client1 4096 jan 8 10:28 beauvaisis
drwxr-xr-x 4 web13 client1 4096 jan 8 10:28 bitche
drwxr-xr-x 4 web13 client1 4096 jan 8 10:28 cac-clienteles
drwxr-xr-x 5 web13 client1 4096 jan 8 10:28 calaisis
-rw-r--r-- 1 web13 client1 10496 jan 8 10:27 calcul_cout_site.htm
drwxr-xr-x 4 web13 client1 4096 jan 8 10:28 ca-vannes
drwxr-xr-x 4 web13 client1 4096 jan 8 10:28 cc2r
drwxr-xr-x 6 web13 client1 4096 jan 8 10:28 cc3f
drwxr-xr-x 4 web13 client1 4096 jan 8 10:28 ccbc
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 ccce
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 cckb
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 CCLDV
drwxr-xr-x 6 web13 client1 4096 jan 8 10:27 ccn
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 ccpc-ccpcp
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 ccpcst
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 ccpi
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 ccqueyras
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 cdc-artois-lys
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 cdc-bellessources
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 cergy-pontoise
drwxr-xr-x 8 web13 client1 4096 jan 8 10:27 cg68
drwxr-xr-x 2 web13 client1 4096 jan 8 10:27 cgi-bin
drwxr-xr-x 3 web13 client1 4096 jan 8 10:27 cilaos
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 cirest
-rw-r--r-- 1 web13 client1 3426 jan 8 10:27 compteur.gif
-rw-r--r-- 1 web13 client1 6911 jan 8 10:27 coutvisiteur.gif
-rw-r--r-- 1 web13 client1 12819 jan 8 10:27 coutvisiteur.html
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 creusotmontceau
drwxr-xr-x 5 web13 client1 4096 jan 8 10:27 crt-poitoucharentes
-rw-r--r-- 1 web13 client1 2549 jan 8 10:27 cva.gif
-rw-r--r-- 1 web13 client1 1255 jan 8 10:27 defaut.htm
drwxr-xr-x 6 web13 client1 4096 jan 8 10:27 dladrome
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 dt-guides
drwxr-xr-x 3 web13 client1 4096 jan 8 10:27 epinal
drwxr-xr-x 2 web13 client1 4096 jan 7 16:07 error
-rw-r--r-- 1 web13 client1 1008 jan 8 10:27 eyeopen_small.gif
-rwxr-xr-- 1 web13 client1 1406 jan 7 16:07 favicon.ico
drwxr-xr-x 2 web13 client1 4096 jan 8 10:27 flash_tourisme
drwxr-xr-x 6 web13 client1 4096 jan 8 10:27 fncdt
-rw-r--r-- 1 web13 client1 5512 jan 8 10:27 formulaire.htm
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 frotsipc
drwxr-xr-x 7 web13 client1 4096 jan 8 10:27 guyane
-rwxr-xr-- 1 web13 client1 0 jan 7 16:07 .htaccess
-rw-r--r-- 1 web13 client1 1259 jan 8 10:27 i2.gif
drwxr-xr-x 2 web13 client1 4096 jan 8 10:27 images
-rw-r--r-- 1 web13 client1 1649 jan 8 10:27 index.1_small.gif
-rwxr-xr-- 1 web13 client1 3556 jan 8 10:27 index.html
-rw-r--r-- 1 web13 client1 1014 jan 8 10:27 introduction.htm
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 irt
-rw-r--r-- 1 web13 client1 22588 jan 8 10:27 lien.jpg
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 logfiles
-rw-r--r-- 1 web13 client1 3954 jan 8 10:27 logosansnom64.gif
-rw-r--r-- 1 web13 client1 42082 jan 8 10:27 logo sans nom.gif
drwxr-xr-x 2 web13 client1 4096 jan 8 10:27 LRAF
-rw-r--r-- 1 web13 client1 2251 jan 8 10:27 Lware.class
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 maison-de-la-ceramique-saint-uze
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 marais-sene
-rw-r--r-- 1 web13 client1 4279 jan 8 10:27 menu.html
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 metz-qualite
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 morlaix
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 oit-provenceverte
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 oti-sud
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 otsaint-germain-en-laye
-rw-r--r-- 1 web13 client1 4228 jan 8 10:27 outils_en_ligne.htm
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 pass-valdeloire
drwxr-xr-x 4 web13 client1 4096 jan 8 10:27 pays-sbs
drwxr-xr-x 4 web13 client1 4096 jan 8 10:28 pays-yonnais
drwxr-xr-x 4 web13 client1 4096 jan 8 10:28 PECV
-rw-r--r-- 1 web13 client1 3261 jan 8 10:27 postinfo.html
drwxr-xr-x 2 web13 client1 4096 jan 8 10:28 _private
drwxr-xr-x 2 web13 client1 4096 jan 8 10:28 prive
drwxr-xr-x 2 web13 client1 4096 jan 8 10:28 pwp
drwxr-xr-x 3 web13 client1 4096 jan 8 10:28 ratios
-rw-r--r-- 1 web13 client1 19118 jan 8 10:27 ratioscalcul.html
drwxr-xr-x 3 web13 client1 4096 jan 8 10:28 region-alsace
drwxr-xr-x 4 web13 client1 4096 jan 8 10:28 remiremont
drwxr-xr-x 4 web13 client1 4096 jan 8 10:28 rh
-rwxr-xr-- 1 web13 client1 25 jan 8 10:27 robots.txt
drwxr-xr-x 4 web13 client1 4096 jan 8 10:28 sables2010
drwxr-xr-x 4 web13 client1 4096 jan 8 10:28 smgg
drwxr-xr-x 3 web13 client1 4096 jan 8 10:28 smi-port-jerome
drwxr-xr-x 2 root root 4096 jan 7 16:07 stats
drwxr-xr-x 4 web13 client1 4096 jan 8 10:28 ud57
drwxr-xr-x 7 web13 client1 4096 jan 8 10:28 villagescreoles
-rw-r--r-- 1 web13 client1 1850 jan 8 10:27 _vti_inf.html
drwxr-xr-x 2 web13 client1 4096 jan 8 10:28 W3SVC78
drwxr-xr-x 2 web13 client1 4096 jan 8 10:28 W3SVC79
-rw-r--r-- 1 web13 client1 19523 jan 8 10:27 Warp.class
-rw-r--r-- 1 web13 client1 12611 jan 8 10:27 Warp.jar
-rw-r--r-- 1 web13 client1 24 jan 8 10:27 warpscr.txt
drwxr-xr-x 4 web13 client1 4096 jan 8 10:28 wintzenheim
drwxr-xr-x 2 web13 client1 4096 jan 8 10:28 word
-rw-r--r-- 1 web13 client1 3327 jan 8 10:27 www.gif
-rw-r--r-- 1 web13 client1 2553 jan 8 10:27 www_small.gif

All seem correct at this level.

I add logs of the server in the attachement file.

The redirection fail and so I can't access sites and ssl option fail too.

Thank you very much for any help.

Guillaume.
Attached Files
File Type: zip server.logs.txt.zip (90.9 KB, 670 views)
Reply With Quote
  #6  
Old 8th January 2010, 13:32
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,202
Thanks: 829
Thanked 5,420 Times in 4,262 Posts
Default

In DNS records, you have to use extrenal IP addresses and not internal IP addresses, as internal IP's dont get routed trogh the internet.

So, use the internal IP in the website settings and the external IP in the dns records.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #7  
Old 8th January 2010, 15:44
gjaouen gjaouen is offline
Junior Member
 
Join Date: Dec 2009
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thank you for your quick response

Problem is that as I'm testing ispconfig admin interface the true outside ip for the domains is not available yet.

It's a little bit complicated situation because the server will run behind an isp centrex solution (service of voip and internet are merged). The provider manage the network routing tables for security reason (I know it's silly...).

So the isp solution we have allow us to route 20 ports from 86.64.69.208 ip on local network server.

As we are a really little company, we only have one server that will manage all our websites. In fact I plan to create a virtual ip shared between multiple servers (but it'll be later).

That's why I wanna be sure that all will work before rerouting all dns from our registrar to our public ip because otherwise it'll break access to all our websites...

Is there really no chance to succeed testing SSL and multiple website over a local network ?

I had setup the server as dns server for my local network so it's mydns that redirect www request over local network and not the ipbx box of the isp provider. If I test phpmyadmin access or squirelmail web interface, all is working fine from all computers on local network. The other interrest I find in such setup is that it should allow to build local dns configuration.

I read over the net that it should work if I change the file /etc/httpd/sites-available/default AllowOverride None by AllowOverride All.

I have another question without answer, if I wanna use SSL, and have only one public ip, do I have to share one ssl certificat for all websites or can I have multiple certificats on one ip on ispconfig3 ?

Once more time, thank you for your help that's greatly appreciated and for the great job done with this admin interface

Guillaume.

Last edited by gjaouen; 8th January 2010 at 16:00.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig3 Mail Warn Errors reason8 General 3 25th November 2009 13:58
Centos 5.2 + ISPConfig 3 tutorial - Problem with email tanakskool Server Operation 1 3rd June 2009 16:22
How to retrieve email? (Postfix / Courier) Merritt General 20 5th April 2009 14:26
Running ISP Config Centos Server as Gateway/Router domh Installation/Configuration 1 29th January 2008 10:26
My server got hacked and is being used to SPAM greenhornet Installation/Configuration 15 28th January 2008 17:02


All times are GMT +2. The time now is 10:54.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.