Port 8080 no longer secure

Discussion in 'ISPConfig 3 Priority Support' started by mrbronz, Apr 13, 2021.

  1. mrbronz

    mrbronz Member HowtoForge Supporter

    Yes that's what I have done...?
    I did exactly has till suggested. Moved all the symlinks to /tmp and the app file was the file I moved back and tried to start apache.... Have I miss read something or am I doing something wrong?
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Which set of files present in sites-enabled makes apache not start?
     
  3. mrbronz

    mrbronz Member HowtoForge Supporter

    which set?

    I'm sorry Taleman, your not making any sense.

    I was asked to remove all the files in sites-enable, then run the Ispc3 install However, when the install had finished the system would not allow apache to start. Till then suggested I remove the files in sites-enable to find the one that was causing the problem.
    Now, considering there are only 3 files in the sites-enable directory, after the install is finished, its a little difficult to catogarise a single file as a set.

    Would you care to explain a little more so I can understand what you mean?
     
  4. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    You wrote in #59:
    That indicates there is more than one file, which if present in sites-enabled/, makes apache not start. I have been trying to find if this is the case.
     
  5. mrbronz

    mrbronz Member HowtoForge Supporter

    OK so, when I was originally asked to remove the files/symlinks present in the sites-enable, I did not delete them but moved them.
    I then ran the install, this created 3 files/symlinks, but it did not allow apache to start. From the list of the three files/symlinks, I put the files/symlinks one by one back until apache would not restart.
    I then started moving back the files from the original move-request back to sites-enable. when I got to 000-ispconfig.vhost this also stopped apache from starting.

    I thought this might be important to help analyse the issue, so this is why I mentioned it.

    Hope this makes sense...
     
  6. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    What is the output of
    Code:
    ls -la /usr/local/ispconfig/interface/ssl/
     
  7. mrbronz

    mrbronz Member HowtoForge Supporter

    Code:
    # ls -la /usr/local/ispconfig/interface/ssl/
    total 28
    drwxr-x--- 2 root      root      4096 Apr 16 14:27 .
    drwxr-x--- 9 ispconfig ispconfig 4096 Apr 15 19:03 ..
    -rwxr-x--- 1 root      root        45 Apr 16 12:40 empty.dir
    -rwxr-x--- 1 root      root      3791 Apr 16 12:40 ispserver.crt
    -rwxr-x--- 1 root      root      3243 Apr 16 12:40 ispserver.key
    -rwxr-x--- 1 root      root      7034 Apr 16 12:40 ispserver.pem
    
     
  8. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    I don't know if it would matter, but try setting mode 755 on those certificate files.
     
  9. mrbronz

    mrbronz Member HowtoForge Supporter

    No, nothing changed still the same.
    I'm very disappointed but it looks like I will have to rebuild my server.
    I still have not been able to work out or understand why the certs for the ispc3 control pannel just stopped working, or should that be why they did not automatically renew.
     
  10. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    You probably messed around with something as this does not happen out of the blue.

    You can reinstall or ask someone for personal support. If you reinstall, use the autoinstaller so all is done correctly: https://www.howtoforge.com/ispconfig-autoinstall-debian-ubuntu/
     
  11. mrbronz

    mrbronz Member HowtoForge Supporter

    Thank you for the link Th0m

    Yes, it is possible that I have altered something. But, I had not touched anything after I had got the DNS working correctly. It was only the issue of the ISPC3 control panel not being secure that raised my attention. I am not passing blame, I just want to understand so that I can avoid or prevent something like this from happening again.

    If I could find "personal support" for a reasonable cost I would possibly consider it. I have already said this is a hobby and getting paid support would not really help me to learn. So, I think I will reinstall and use the "autoinstaller" link you so kindly provided.

    I have nothing but admiration for the continued development and support that is given to this project. I will continue to support ISP for the foreseeable future and would also like to thank everyone that has kindly read and attempted to correct my mistakes.
    Many, many thanks.
     
    ahrasis, Th0m and till like this.

Share This Page