.htaccess in /ispconfig/web/ doesn't work

Discussion in 'General' started by make-fun, Apr 18, 2008.

  1. make-fun

    make-fun Member

    Hi folks,

    I've got a bit of a problem with a .htaccess I'd like to place in
    Code:
    /home/admispconfig/ispconfig/web/roundcubemail
    where I wanna protect the web mail.

    .htaccess
    Code:
    AuthType Basic
    AuthName "Members Only"
    AuthUserFile /home/admispconfig/ispconfig/web/roundcubemail/.htpasswd
    <limit GET PUT POST>
    require valid-user
    </limit>
    
    .htpasswd
    Code:
    Webmail:nW1jrA3rke5EI
    Sys
    Code:
    Ubuntu 6.06 Perfect Set Up & ISPConfig Version: 2.2.21
    Adminpanel is available at https…

    /ispconfig/httpd/conf/httpd.conf_https
    Code:
    # AccessFileName: The name of the file to look for in each directory
    # for access control information.
    #
    AccessFileName .htaccess
    
    Just don't see anything wrong, really:confused:

    Cheers
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The config file for apache is /ispconfig/httpd/conf/httpd.conf, the file /ispconfig/httpd/conf/httpd.conf_https is just a copy which is not used by apache.
     
  3. Hans

    Hans Moderator ISPConfig Developer

    Probably .htaccess files are not allowed on your system.
    You can add the following to the Apache directives field of your website:

    <Directory "/var/www/web1/web">
    Options FollowSymLinks
    AllowOverride All
    </Directory>

    Where, web1 is your own webnumber.
     
  4. make-fun

    make-fun Member

    Thanks Hans,
    but I'm in the ISPConfig/Admin Panel web — not a web site.
    Edit:I also testet the files in a web site and they're working there no probs /Edit

    As for the /ispconfig/httpd/conf/httpd.conf(out of the box)
    Code:
    <Directory "/home/admispconfig/ispconfig/web">
    
        Options FollowSymLinks MultiViews
    
        AllowOverride None
    
        Order allow,deny
        Allow from all
    </Directory>
    
    and…
    # AccessFileName: The name of the file to look for in each directory
    # for access control information.
    #
    AccessFileName .htaccess
    
    In my earlier post I forgot to mention I had checked this one too… as I thought it looked good I went ahead and checked the httpd.conf_https — for a lack of ideas I admit :confused:

    Cheers
     
    Last edited: Apr 19, 2008
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    Please change the line:

    AllowOverride None

    to:

    AllowOverride Indexes AuthConfig Limit FileInfo

    in the file:

    /ispconfig/httpd/conf/httpd.conf

    and then run:

    /etc/init.d/ispconfig_server restart
     
  6. make-fun

    make-fun Member

    Yes, that was the missing bit… I figured it, when I checked /etc/apache2/apache2.conf again…
    So it's all good now — but didn't really think this would be the default settings of ispconfig, anyway.
     
  7. make-fun

    make-fun Member

    Hi Till, can you maybe enlighten me on this .htaccess thing.

    As stated in my last post I got it to work, so everyone using the webmail had to authenticate first.

    Today I then used Hans' new "RoundCube 0.1.1 package", which now came with it's own .htaccess containing:
    Code:
    # AddDefaultCharset  UTF-8
    AddType text/x-component .htc
    
    #<IfModule mod_php4.c>
    #  php_flag display_errors Off
    #  php_flag log_errors  On
    #  php_value   error_log   logs/errors
    #  php_value   upload_max_filesize  5M
    #  php_value   post_max_size  6M
    #  php_value   memory_limit   64M
    #  php_value   session.auto_start   0
    #  php_value   zlib.output_compression 0
    #  php_value   magic_quotes_gpc  0
    #</IfModule>
    
    <IfModule mod_php5.c>
      php_flag  display_errors Off
      php_flag  log_errors  On
      php_value error_log   logs/errors
      php_value upload_max_filesize  5M
      php_value post_max_size  6M
      php_value memory_limit   64M
      php_value session.auto_start   0
      php_value zlib.output_compression 0
      php_value magic_quotes_gpc  0
    </IfModule>
    
    <FilesMatch "(\.inc|\~)$">
      Order allow,deny
      Deny from all
    </FilesMatch>
    
    Order deny,allow
    Allow from all
    
    Which resulted in:
    Code:
    [Wed Apr 23 02:41:41 2008] [alert] [client ] /home/admispconfig/ispconfig/web/roundcubemail/.htaccess: php_flag not allowed here
    [Wed Apr 23 02:41:57 2008] [alert] [client ] /home/admispconfig/ispconfig/web/roundcubemail/.htaccess: php_flag not allowed here
    [Wed Apr 23 02:44:13 2008] [alert] [client ] /home/admispconfig/ispconfig/web/roundcubemail/.htaccess: php_flag not allowed here
    So back to "/ispconfig/httpd/conf/httpd.con" and
    Code:
    AllowOverride None
    #AllowOverride Indexes AuthConfig Limit FileInfo
    So now the roundcubemail works, but I don't have the authentication anymore. Is there any way to have both, I'm wondering??

    Cheers
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    Set AllowOverride to:

    AllowOverride All

    and restart ISPConfig.
     
  9. DantePasquale

    DantePasquale Member HowtoForge Supporter

    Hi All, I had a similar problem that resulted in a bad situation. I added the block provided with RoundCube to the ISPConfig Site panel where you can add Apache Directives. I accidentally hit <Enter> before finishing editing the block of directives and somehow /etc/group was wiped clean and a new /etc/postfix/virtualusertable was created. Luckily the virtualusertable was the same as the old one, and I had a good backup of /etc/group, but I really don't know what happened here and am a bit concerned about doing any more admin work.

    Should I be concerned?

    Here's the block of directives:

    Code:
    <Directory "/var/www/web1/web">
    Options FollowSymLinks
    AllowOverride All
    </Directory>
    
    I hadn't replaced web1/web with the correct path.

    I really don't see how this would be destructive, except of there's a symlink to /etc/group somewhere :mad:

    And here's the ispconfig.log

    Code:
    23.04.2008 - 14:05:42 => INFO - Signalfile Set: insert
    23.04.2008 - 14:05:46 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 257: setquota -g web2 0 0 0 0 -a &> /dev/null
    23.04.2008 - 14:05:46 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 258: setquota -T -g web2 604800 604800 -a &> /dev/null
    23.04.2008 - 14:05:46 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 277: Connected successfully
    23.04.2008 - 14:05:46 => INFO - USER:
    web2_webmailmgr:x:10001:10002:Cocoanet Webmail Administrator:/var/www/web2:/bin/bash
    23.04.2008 - 14:05:46 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 905: setquota -u web2_webmailmgr 0 0 0 0 -a &> /dev/null
    23.04.2008 - 14:05:46 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 906: setquota -T -u web2_webmailmgr 604800 604800 -a &> /dev/null
    23.04.2008 - 14:05:46 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php, Line 60: cp -f /root/ispconfig/isp/conf/forward.master /var/www/web2/.forward
    23.04.2008 - 14:05:46 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php, Line 117: symlink /var/www/web2/Maildir
    23.04.2008 - 14:05:47 => INFO - USER:
    web2_dantebell:x:10002:10002:Dante Bell:/var/www/web2/user/web2_dantebell:/bin/false
    23.04.2008 - 14:05:47 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 905: setquota -u web2_dantebell 1048576 1049600 0 0 -a &> /dev/null
    23.04.2008 - 14:05:47 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 906: setquota -T -u web2_dantebell 604800 604800 -a &> /dev/null
    23.04.2008 - 14:05:47 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php, Line 60: cp -f /root/ispconfig/isp/conf/forward.master /var/www/web2/user/web2_dantebell/.forward
    23.04.2008 - 14:05:47 => INFO - USER:
    web2_dantepasquale:x:10003:10002:Dante Pasquale:/var/www/web2/user/web2_dantepasquale:/bin/false
    23.04.2008 - 14:05:47 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 905: setquota -u web2_dantepasquale 1048576 1049600 0 0 -a &> /dev/null
    23.04.2008 - 14:05:47 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 906: setquota -T -u web2_dantepasquale 604800 604800 -a &> /dev/null
    23.04.2008 - 14:05:47 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php, Line 60: cp -f /root/ispconfig/isp/conf/forward.master /var/www/web2/user/web2_dantepasquale/.forward
    23.04.2008 - 14:05:47 => INFO - USER:
    web2_donziguy:x:10004:10002:Donzi Guy:/var/www/web2/user/web2_donziguy:/bin/false
    23.04.2008 - 14:05:47 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 905: setquota -u web2_donziguy 1048576 1049600 0 0 -a &> /dev/null
    23.04.2008 - 14:05:47 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 906: setquota -T -u web2_donziguy 604800 604800 -a &> /dev/null
    23.04.2008 - 14:05:47 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php, Line 60: cp -f /root/ispconfig/isp/conf/forward.master /var/www/web2/user/web2_donziguy/.forward
    23.04.2008 - 14:05:47 => INFO - USER:
    web2_bcbgirl:x:10005:10002:Joanie Amato:/var/www/web2/user/web2_bcbgirl:/bin/false
    23.04.2008 - 14:05:47 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 905: setquota -u web2_bcbgirl 2097152 2098176 0 0 -a &> /dev/null
    23.04.2008 - 14:05:47 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 906: setquota -T -u web2_bcbgirl 604800 604800 -a &> /dev/null
    23.04.2008 - 14:05:47 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php, Line 60: cp -f /root/ispconfig/isp/conf/forward.master /var/www/web2/user/web2_bcbgirl/.forward
    23.04.2008 - 14:05:47 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 137: cp -fr /etc/postfix/local-host-names /etc/postfix/local-host-names~
    23.04.2008 - 14:05:47 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 284: cp -fr /etc/postfix/virtusertable /etc/postfix/virtusertable~
    23.04.2008 - 14:05:48 => WARN - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 289: WARNING: could not postmap hash:/etc/postfix/virtusertable
    23.04.2008 - 14:05:48 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1259: cp -fr /etc/apache2/vhosts/Vhosts_ispconfig.conf /etc/apache2/vhosts/Vhosts_ispconfig.conf~
    23.04.2008 - 14:05:48 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_bind.lib.php, Line 295: cp -fr /etc/bind/pri.cocoanet.us /etc/bind/pri.cocoanet.us~
    23.04.2008 - 14:05:51 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_system.lib.php, Line 728: /etc/init.d/bind9 restart &> /dev/null
    23.04.2008 - 14:05:51 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 2022: cp -fr /etc/proftpd_ispconfig.conf /etc/proftpd_ispconfig.conf~
    23.04.2008 - 14:05:52 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 137: cp -fr /etc/postfix/local-host-names /etc/postfix/local-host-names~
    23.04.2008 - 14:05:52 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 284: cp -fr /etc/postfix/virtusertable /etc/postfix/virtusertable~
    23.04.2008 - 14:05:53 => WARN - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 289: WARNING: could not postmap hash:/etc/postfix/virtusertable
    23.04.2008 - 14:05:53 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1259: cp -fr /etc/apache2/vhosts/Vhosts_ispconfig.conf /etc/apache2/vhosts/Vhosts_ispconfig.conf~
    23.04.2008 - 14:05:53 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 2022: cp -fr /etc/proftpd_ispconfig.conf /etc/proftpd_ispconfig.conf~
    
    
    Also, now I'm getting the entry:

    Code:
    postfix/trivial-rewrite[12994]: warning: database /etc/postfix/virtusertable.db is older than source file /etc/postfix/virtusertable
    I think you fix this by running:

    Code:
    postmap hash virtualusertable - but I'm not sure. 
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    Editing the apache directives yould not have caused this, as the apache directives are not connected to the users. The ispconfig.log looks fine too.

    Please check your group file syntax with:

    grpck
     
  11. DantePasquale

    DantePasquale Member HowtoForge Supporter

    Hi Till,

    Thanks for the quick reply. Ran grpck and /etc/gshadow is hosed up, just like /etc/group was hosed up after updating that web site. I'm agree with you that I don't see how that could have messed things up, especially since I don't have a web1!! Here's the gshadow file:

    Code:
    [email protected]:/home/admispconfig/ispconfig$ sudo grpck
    no matching group file entry in /etc/gshadow
    add group 'root' in /etc/gshadow ?
    [email protected]:/home/admispconfig/ispconfig$ ls -l /etc/gshadow
    -rw-r----- 1 root shadow 100 2008-04-23 14:05 /etc/gshadow
    [email protected]:/home/admispconfig/ispconfig$ cat /etc/gshadow
    cat: /etc/gshadow: Permission denied
    [email protected]:/home/admispconfig/ispconfig$ sudo cat /etc/gshadow
    fax:*::bcbgirl
    utmp:*::
    slocate:x::
    web7:x::
    web13_anonftp:!::
    web2:x::admispconfig,web2_webmailmgr
    
    web2 is what I was updating (webmail.cocoanet.us).

    Do you know how to resync /etc/gshadow ?
     
  12. till

    till Super Moderator Staff Member ISPConfig Developer

    If you dont have a copy of the gshadow file, you can try the following procedure:

    1) Make a backup of the passwd, shadow, group and gshadow files.
    2) Run the following sql statement in the ISPConfig database:

    update isp_isp_user set status = 'u' where status = '';

    3) Change the setting of one user in the interface and click on save.
     
  13. DantePasquale

    DantePasquale Member HowtoForge Supporter

    Hi Till,

    Maybe we should start a new thread on this, but I'm having major issues with /etc/passwd getting wiped clean whenever I update a user in the ISPConfig control panel.

    I had a user that was having problems logging into e-mail, so I reset her password and saved. Now, the only entries in /etc/passwd are for most of my ISPConfig users, no system users are the passwd file!

    So, now I can't even become root to fix it - or restore from backup - or even shutdown the server!

    What can I do to help debug this problem?

    I'm running ISPConfig v 2.2.22 on Ubuntu 7.10 - 64-bit, kernel Linux inferno.cocoanet.us 2.6.22-14-generic #1 SMP Tue Feb 12 02:46:46 UTC 2008 x86_64 GNU/Linux.

    I realize that with root gone I'm going to have to boot off of my rescue CD/USB drive and fix things and I can't get back to the server location for a few hours, but what should I do about this problem?

    I see that you have v 2.2.23 out, but I understand that's just an update of ClamAV, or should I upgrade anyway?

    Oh, I did an upgrade from 2.2.21 to 2.2.22 with no errors indicated and I didn't have this problem prior to upgrade. :confused:
     
  14. falko

    falko Super Moderator ISPConfig Developer

    Are there any warnings in /home/admispconfig/ispconfig/ispconfig.log? What's the output of
    Code:
    df -h
    ?
     
  15. DantePasquale

    DantePasquale Member HowtoForge Supporter

    Hi Falko & Till,

    Thanks for pointing out pwck. I ran this and all the normal users were OK and the ISPConfig users were OK, but some system users, lpd, gnats, etc. gave messages that their home directories didn't exist. So I created these just to be safe. Then went into the Control Panel and updated some Apache Directives and Added/Updated some users with NO Problems!!!

    Just wondering if you want to add pwck as part of the checklist prior to updating any configs (in the Documentation or Help files). I'm going to put in a cron job to check it, just for kicks!
     

Share This Page