Website [Active] vs [Inactive]

Discussion in 'General' started by onastvar, Mar 6, 2018.

  1. onastvar

    onastvar Member

    I have couple of websites where [Active] checkbox is unchecked and they point to default apache index.html which is correct. I have just unchecked [Active] checkbox from one of the websites and website is still active, any ideas why this is not working as expected?
     
  2. Jesse Norell

    Jesse Norell Well-Known Member

    The job queue is clear? (ie. little red circle indicating # of jobs is gone) If you edit that site settings again, does the Active checkbox show as checked or unchecked (ie. when the page loads, before you change it)?
     
  3. onastvar

    onastvar Member

    Yes, job queue is clear. When I edit site settings again, Active checkbox stays unchecked.
     
  4. Jesse Norell

    Jesse Norell Well-Known Member

    can you change anything else there, eg. php mode? I'll guess you can't, and probably have "admin protection" mode enabled for the site (ie. you can edit it as admin, but not as the client)
     
  5. onastvar

    onastvar Member

    Website was intially set up with php7.1 by admin. I tried changing from php7.1 to default php5.6 before I posted here, same issue.
     
  6. Jesse Norell

    Jesse Norell Well-Known Member

    So the php version will change, but the checkbox won't?
     
  7. onastvar

    onastvar Member

    I can change php version, when I hit SAVE it saves my change. Active box is still unchecked, website is accessible/active.
     
  8. onastvar

    onastvar Member

    Created brand new website which has Active (checked) when I go to URL it shows website inactive (apache default page)?

    I'm seeing following in LOG, I'm not sure if related.
    [INTERFACE]: PHP IDS Alert.Total impact: 5<br/> Affected tags: dt, id, lfi<br/> <br/> Variable: POST.fastcgi_php_version | Value: PHP 7.1:/opt/php-7.1/bin/php-cgi:/opt/php-7.1/lib<br/> Impact: 5 | Tags: dt, id, lfi<br/> Description: Detects specific directory and path traversal | Tags: dt, id, lfi | ID 11<br/> <br/>

    Any ideas?
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

  10. onastvar

    onastvar Member

    I tried to debug, website still shows Inactive (Active is checked). Besides error is post #8, I also see this other error in LOG (i'm not sure if related) :
    INTERFACE]: PHP IDS Alert.Total impact: 11<br/> Affected tags: xss, csrf, id, rfe, lfi<br/> <br/> Variable: COOKIE.__utmz | Value: 230422092.1517260483.111.5.utmcsr=nibbler.silktide.com|utmccn=(referral)|utmcmd=referral|utmcct=/en_US/reports/mydomain.com<br/> Impact: 11 | Tags: xss, csrf, id, rfe, lfi<br/> Description: Detects common XSS concatenation patterns 1/2 | Tags: xss, csrf, id, rfe | ID 30<br/> Description: Detects unknown attack vectors based on PHPIDS Centrifuge detection | Tags: xss, csrf, id, rfe, lfi | ID 67<br/> <br/>
     
  11. till

    till Super Moderator Staff Member ISPConfig Developer

    The IDS message is not related.

    Fine, please post the debug output.
     
  12. onastvar

    onastvar Member

    Sorry about that, I realized after I posted. Here's the logs:

    [email protected]:/# /usr/local/ispconfig/server/server.sh
    19.03.2018-11:27 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
    19.03.2018-11:27 - DEBUG - Found 2 changes, starting update process.
    19.03.2018-11:27 - DEBUG - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'.
    19.03.2018-11:27 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'.
    19.03.2018-11:27 - DEBUG - Network configuration disabled in server settings.
    19.03.2018-11:27 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'.
    19.03.2018-11:27 - DEBUG - Processed datalog_id 5505
    19.03.2018-11:27 - DEBUG - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'.
    19.03.2018-11:27 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'.
    19.03.2018-11:27 - DEBUG - Network configuration disabled in server settings.
    19.03.2018-11:27 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'.
    19.03.2018-11:27 - DEBUG - Processed datalog_id 5507
    19.03.2018-11:27 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
    19.03.2018-11:27 - DEBUG - Restarting httpd: systemctl restart apache2.service
    19.03.2018-11:27 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
    finished.

    cat htf_report.txt
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    IP-address(es) (as per ifconfig): ***.***.***.***
    [INFO] ISPConfig is installed.
    ##### ISPCONFIG #####
    ISPConfig version is 3.1.11

    ##### VERSION CHECK #####
    [INFO] php (cli) version is 5.6.33-0+deb8u1
    [INFO] php-cgi (used for cgi php in default vhost!) is version 5.6.33-0+deb8u1

    ##### PORT CHECK #####
    [WARN] Port 8080 (ISPConfig) seems NOT to be listening
    [WARN] Port 8081 (ISPConfig Apps) seems NOT to be listening
    [WARN] Port 80 (Webserver) seems NOT to be listening
    [WARN] Port 443 (Webserver SSL) seems NOT to be listening


    ##### MAIL SERVER CHECK #####

    ##### RUNNING SERVER PROCESSES #####

    [WARN] I could not determine which web server is running.
    [INFO] I found the following mail server(s):
    Postfix (PID 2731)
    [INFO] I found the following pop3 server(s):
    Dovecot (PID 20238)
    [INFO] I found the following imap server(s):
    Dovecot (PID 20238)
    [INFO] I found the following ftp server(s):
    PureFTP (PID 14417)

    ##### LISTENING PORTS #####
    (only ()
    Local (Address)
    [anywhere]:4711 (20238/dovecot)
    [localhost]:8999 (1840/php-fpm.conf))
    [localhost]:10024 (26474/amavisd-new)
    [localhost]:10025 (2731/master)
    [localhost]:10026 (26474/amavisd-new)
    [localhost]:11211 (17979/memcached)
    [localhost]:10027 (2731/master)
    [anywhere]:587 (2731/master)
    [anywhere]:110 (20238/dovecot)
    [anywhere]:143 (20238/dovecot)
    [anywhere]:111 (1787/rpcbind)
    [anywhere]:465 (2731/master)
    [anywhere]:21 (14417/pure-ftpd)
    ***.***.***.***:53 (1889/named)
    [localhost]:53 (1889/named)
    [anywhere]:22 (387/sshd)
    [anywhere]:25 (2731/master)
    [localhost]:953 (1889/named)
    [anywhere]:2812 (1975/monit)
    [localhost]:8991 (2109/php-fpm.conf))
    [anywhere]:993 (20238/dovecot)
    [anywhere]:33441 (1798/rpc.statd)
    [anywhere]:995 (20238/dovecot)
    *:*:*:*::*:4711 (20238/dovecot)
    *:*:*:*::*:3306 (5935/mysqld)
    *:*:*:*::*:587 (2731/master)
    *:*:*:*::*:35597 (1798/rpc.statd)
    [localhost]10 (20238/dovecot)
    [localhost]43 (20238/dovecot)
    [localhost]11 (1787/rpcbind)
    *:*:*:*::*:465 (2731/master)
    *:*:*:*::*:21 (14417/pure-ftpd)
    *:*:*:*::*:4949 (2058/perl)
    *:*:*:*::*:53 (1889/named)
    *:*:*:*::*:22 (387/sshd)
    *:*:*:*::*:25 (2731/master)
    *:*:*:*::*:993 (20238/dovecot)
    *:*:*:*::*:995 (20238/dovecot)

    ##### IPTABLES #####

    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    fail2ban-postfix-sasl tcp -- [anywhere]/0 [anywhere]/0 multiport dports 25
    fail2ban-dovecot-pop3imap tcp -- [anywhere]/0 [anywhere]/0 multiport dports 110,995,143,993
    fail2ban-pureftpd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 21
    fail2ban-ssh tcp -- [anywhere]/0 [anywhere]/0 multiport dports 22
    Chain FORWARD (policy ACCEPT)
    target prot opt source destination
    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    Chain fail2ban-dovecot-pop3imap (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0
    Chain fail2ban-postfix-sasl (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0
    Chain fail2ban-pureftpd (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0
    Chain fail2ban-ssh (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0

    systemctl status apache2.service

    Mar 19 11:35:26 sun apache2[12669]: [Mon Mar 19 11:35:26.751972 2018] [pagespeed:warn] [pid 12680] ModPagespeedInheritVHostConfig is deprecated. Please remove it from your configuration.
    Mar 19 11:35:26 sun apache2[12669]: AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-ispconfig.conf:73
    Mar 19 11:35:26 sun apache2[12669]: AH00526: Syntax error on line 189 of /etc/apache2/sites-enabled/100-mydomain.com.vhost:
    Mar 19 11:35:26 sun apache2[12669]: Invalid command 'Protocols', perhaps misspelled or defined by a module not included in the server configuration
    Mar 19 11:35:26 sun apache2[12669]: Action 'configtest' failed.
    Mar 19 11:35:26 sun apache2[12669]: The Apache error log may have more information.
    Mar 19 11:35:26 sun systemd[1]: apache2.service: Control process exited, code=exited status=1
    Mar 19 11:35:26 sun systemd[1]: Failed to start LSB: Apache2 web server.
    Mar 19 11:35:26 sun systemd[1]: apache2.service: Unit entered failed state.
    Mar 19 11:35:26 sun systemd[1]: apache2.service: Failed with result 'exit-code'
     
    Last edited: Mar 19, 2018
  13. till

    till Super Moderator Staff Member ISPConfig Developer

    Then you did not enable the debug mode as shown in the FAQForge article.
     
  14. onastvar

    onastvar Member

    Sorry about that, I realized after I posted. I included logs in post #12
     
  15. till

    till Super Moderator Staff Member ISPConfig Developer

    Seems as if you added some config in the apache directives field of that site that is invalid, in this case the 'Protocols' line. See also line 189 in the file /etc/apache2/sites-enabled/100-mydomain.com.vhost.err
     
  16. onastvar

    onastvar Member

    After I commented out following lines 179 & 389
    #Protocols h2 h2c http/1.1
    from file
    /etc/apache2/sites-enabled/100-mydomaiin.com.vhost
    it works as expected.

    Do you know if this is correct fix?
     
  17. till

    till Super Moderator Staff Member ISPConfig Developer

    This line is not in the vhost template that ships with ISPConfig 3.1.11. Did you add them in the apache directives field of that site?
     
  18. onastvar

    onastvar Member

    I had these 2 lines for one of the sites (which I now removed)
    from the Available Apache Directive Snippets:

    ModPagespeedDisableFilters rewrite_javascript
    Protocols h2 h2c http/1.1

    Thanks for your quick assistance.
     
    Last edited: Mar 20, 2018

Share This Page