PDA

View Full Version : HEEELP!!!! ISPConfig


razvan_vlad
21st May 2007, 04:36 AM
hey guys. i need help in this problem.
i have installed ISPConfig and tried to make new websites. well.. i've made one.. but it won't load. so... i just created a different folder inside /var/www/ with an html file.. and went to httpd.conf and made the virtualServer and this one is working fine as well as the server's default index.html . so. i can access them locally on the server and my network.
but.. when i try to call that website created with ISPconfig.. it won't load. it says connection time out.

ping works well.
on dyndns.com i created a temp dns for this website and i gave it the ip of the cable modem, which goes into my router.. where i forwarded the httpd port towards the server's ip address.

any ideas what's wrong? anyone can help me.. find what settings are wrong.. where.. and how to fix them? anyone who has ISPConfig and websites that are running through ISPConfig so he/she can guide me through it's settings?

i will appreciate your help.
thanks alot

razvan_vlad
21st May 2007, 08:39 AM
hey.. well.. i think it pretty much comes from the dns configuration which im confused about right now.
so.. if anyone here is using ISPConfig.. and is willing to check something for me.. that will be awsome.
so.. example:
my router uses dhcp, and it has static name servers .. from ISP. let's say DNS1 : 23.23.2.1 and DNS2 : 23.23.2.0 and the IP range is between 1 and 59.

my server has IP address : 100.100.1.30 ( which is WITHIN the dhcp range (1-59) )
the network configuration on the server... eth0... has: IP = 100.100.1.30 and primary dns: www.abc.com ; secondary dns: www.abcd.com ;

ISPConfig's settings:
inside the DNS settings - Options :
Default NS1: www.xyx.com
Default NS2: www.xyy.com

now.. after i created a website and a DNS Entry in ISPconfig.. under the DNS Manager section:



NS1: www.abc.com NS2: www.abcd.com




i just need someone to confirm if those settings are ok or not.

if on the eth0 i will use DNS1 and DNS2 same as the dns1 and dns2 from the router (ISP) i won't get my websites loaded. i will get a time out connection.

please help me

razvan_vlad
23rd May 2007, 05:25 AM
hmm.. that's interesting. nobody has any idea about this.

i still can't get my websites to work but locally..
below i wrote my settings:
ok.. so... using ISPConfig with a router i have made those settings:
the server's ip is 192.168.1.30
the router (getway) is 192.168.1.1
the modem's ip (from ISP) is 24.211.xxx.xxx
under ISPConfig - Server - Settings i have the server's ip address (192.168.1.30) ; and under DNS i have provided the Default NS1 with www.myserver1.com and Default NS2 with www.myserver2.com

now.. i bought a domain.. let's say.. www.website1.com and on their website , i made it to point towards my modem's ip (24.211.xxx.xxx)

on my router, i forwarded port 80 towards my server's ip (192.168.1.30) ( this ip is within the range of router's DHCP)

then.. creating a new website with ISPConfig, called www.website1.com , i have choosen it's ip , the same with the server's ip.
then.. under DNS Manager:
"Domain section:" the website's Domain(SOA) is website1.com and IP Address is the address of my modem (the one i had specified when i bought the domain)
"Options section" Nameserver1 is the primary name server from the website i bought the domain .. and Nameserver2 is the 2nd one from that website.


do those settings seem oke ?? i really need help with this.

and just for the curiosity.. on fedora 6 .. when i go to System - Administration - Network .. the eth0 DNSes .. are the DMSes provided from my ISP (the ones that show up on the routher) .
is this correct??


PLEASE PLEASE help me :(

barf
23rd May 2007, 09:50 AM
You're probably not getting any response as this is the Fedora forum not ISP Config. I'm surpirsed you can use it to make websites I thought it was for budding ISP's to manage their customers. Anyway some general guidance for you. First there is no such thing as static DNS but there is static IP. If you wish to run a server and do not have a static IP then you will need to use a service such as Dydns.. On your internal network your server will also need a static IP assigned (dont use DHCP). The DNS records of the Domain registrar need to point to your server IP (or dynamic dns service if you are using one). HTH

razvan_vlad
23rd May 2007, 03:10 PM
ok. so.. im using static ip for my server.. , but im using a router and a cable modem.. . so when i buy a domain, you're saying it should point to my server's ip.. but how can i do that? if i give the server's ip to the domain.. it won't find my server. somehow i have to specify the DNS from my ISP or make it point to the modem's ip. then the modem should forward all the requests towards the server, where it will check for the domain.
is that right? im still confused because nobody will give me an answer saying.. exactly.. what IP and what DNS to give to each of the.. domani, server, ispconfig, website.. when working under a router

barf
23rd May 2007, 09:49 PM
My apologies for not being precise.
The DNS records for your domain (eg mysite.com) need to point to your (static) public IP address. These DNS records will be managed through whoever you bought the domain from. On your router you need to forward port 80 to your servers internal statically assigned IP. Which seems to be what you are doing.
In System / Administration / Network on the devices tab select eth0 and click on edit. you will be presented with a box in which to statically set your severs IP 192.168.1.30, netmask 255.255.255.0 and gateway 192.168.1.1. (the entries in the DNS tab should point to your ISPs DNS servers.

Lets forget ISP Config for now.

If you do not have one already create a index.html file in /var/www/html/ this is the default document root for Apache on Fedora. If you have this set up correctly then it should work. Test it from some other computer, get a friend to try ww.yourwebsite.com. I suggest this as not all routers will allow you to access an internal server 192. ....from an external address www....... If it does not work be patient it can take the DNS system 48 hours to update its records. If it still does not work check that your ISP does not block port 80 (some do).

razvan_vlad
23rd May 2007, 10:46 PM
that's clear enough.. .. i know i've tried that and it worked but locally. i mean.. i could access the websites from my home network. Right now.. all i can access from my homenetwork is .. just the default index.html page .. but accessing it with the server's ip because i didn't buy a domain with the server's default page yet. but.. the thing is i can't access any other webpage inside my home network now.. they all seem to find the server but the the connection times out.

uhmm im not sure yet if my ISP blocks port 80. can you tell me how do i check that? and what's the solution if they do block it?

and can you helm me with the settings in ISPConfig? i mean.. for the server's settings... what "default NS1" and "default NS2" should i put ? and.. alos.. what "nameserver1" and "nameserver2" should i put for a website, under the DNS manager section in ISPConfig.

and thank you alot. :)

barf
24th May 2007, 01:20 AM
Ok, when you say default index.html page do you mean the one that says congrats you have successfully installed Apache now go and put some content in the document root (or something like that).
If so you need to put some content in the document root for apache to serve it. To find out where your doc root is have a look a /etc/httpd/conf/httpd.conf and find the DocumentRoot directive. It will probably be /var/www/html. Have a look in the doc root, are there any files for apache to serve (index.html / index.php).
To find out if your ISP blocks port 80 ASK THEM!. If they do then you will have use a different port (8080) and use a redirect service (see dyndns.com)

Cant help with ISP config. Try posting your questions on that forum

razvan_vlad
24th May 2007, 03:22 AM
hey.. yes.. i mean.. the index.html which is in my documentroot ... /var/www/html. so.. i can access that one by server's ip address from my windows computer. but i can't access any other website that i have created with ISPConfig. and.. i posted those things to howtoforge forum but.. nobody answerd. anyway.. i guess imma try to fix the server without ISPConfig just for the time im gone in vacation.. .
i donno what's wrong with this.. because it worked before.. i could access the websites from my windows computer. and.. right now.. i can access them just on my server. do you think it is possible that my router doesn't actually forward the port? like.. being damaged or something?
i still have to check to see if my ISP does block port 80.. but.. i remember.. that.. last week.. it happend that one of my friends could access one of my websites .. and they said it was just.. pointing to the shared IP page. so.. i think they don't block port 80. anyway.. imma ask them to be sure.
and.. about the redirect service... i actually created 2 domain names at dyndns.com ... but.. what more exactly does redirect mean? like.. if port 80 is blocked.. just redirect the request to port 8080? so all i have to do is .. specify a redirect to port 8080?
and if port 80 is blocked.. don't i have to change apache to listen to port 8080? or.. at least.. add : "Listen 80" and "Listen 8080" .. both.. in https.conf?
is this the right and just this.. needed to make the server to listen to port 8080??

thanks alot buddy!

razvan_vlad
24th May 2007, 04:15 AM
ok.. i just checked with my ISP.. they don't block port 80. so.... that's not the problem :(((((. im desperate.. i wanna get this server to run by friday night.. cause on saturday im leaving the country :(.

barf
24th May 2007, 06:19 AM
Ok. lets fault find. First you do understand that if its not in the doc root it wont get served!! If it is in a folder in the doc root you need to address it as 192.168.1.30/foldername.

Assuming that your hardware is all ok 2 possible problems come to mind, file permissions and selinux. Install setroubleshoot, this will let you know if selinux is blocking anything (my money is on selinux as the problem). Check file permissions for the stuff you are trying to serve.
Now try connecting and monitor your log files for messages, you want to look in /varlog/messages , secure and /var/log/httpd access , error.

yes that is what you do for redirect just tell apache to listen on 8080 and make sure your fire wall lets 8080 through.

razvan_vlad
24th May 2007, 06:23 AM
but.. firewall and selinux are disabled. :( hmm.. let me see.. so.. doc root.. which one is the default.. /var/www or /var/www/html ?

barf
24th May 2007, 07:21 AM
Post #8 tells you how to find the doc root. Putting a server on line with selinux disabled is probably not a good thing

razvan_vlad
24th May 2007, 08:21 AM
does this tell you anything? it's posted in the error_log :

[Thu May 24 03:16:50 2007] [notice] caught SIGTERM, shutting down
[Thu May 24 03:16:51 2007] [notice] core dump file size limit raised to 4294967295 bytes
[Thu May 24 03:16:51 2007] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu May 24 03:16:52 2007] [notice] Digest: generating secret for digest authentication ...
[Thu May 24 03:16:52 2007] [notice] Digest: done
[Thu May 24 03:16:52 2007] [notice] mod_python: Creating 4 session mutexes based on 150 max processes and 0 max threads.
[Thu May 24 03:16:53 2007] [notice] Apache/2.2.4 (Unix) DAV/2 PHP/5.1.6 mod_python/3.2.8 Python/2.4.4 mod_ssl/2.2.4 OpenSSL/0.9.8b mod_perl/2.0.2 Perl/v5.8.8 configured -- resuming normal operations



and the ssl_error_log :
[Thu May 24 03:20:35 2007] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

barf
24th May 2007, 08:49 PM
The first messages are the normal Apache restart entries. I'm not sure of the exact meaning of the second one but I doubt it has anything to do with your problem.

Re-reading through these posts it would seem that your server is working (you say that you can access index.html from your windows machine). You claim selinux is disabled and your system is not recording any messages when it can't connect to one of your wesites which are in the servers doc root. That does not compute. If you access a server and it works you will get a message in the httpd access.log. If you access a server and it does not work you will get a message in the httpd access.log and the error.log. You are not getting any messages so therefore you are not accessing the server.
I must be missing something here. Do this, fire up your web browser and type this address http://127.0.0.1. Now what do you get in the browser and what do you get in the httpd log files?

razvan_vlad
24th May 2007, 10:39 PM
well.. http://127.0.0.1 .. returns the default index.html in /var/www/html
i also created a virtual host for a website and that doesn't show up. i have checked permitions and they are ok. it just times out.

barf
25th May 2007, 02:00 AM
OK so apache is serving files from /var/ww/html. Good we are getting somewhere.

How did you create a virtual host, be specific.

razvan_vlad
25th May 2007, 02:36 AM
i changed the server's IP address to be outside the router's DHCP range. so now the server's ip is 192.168.1.100 and have the port 80 forwarded to it. the virtual host created below is not running through ISPConfig.
well .. i went to httpd.conf and said:


NameVirtualHost 192.168.1.100:80

<VirtualHost 192.168.1.100:80>
ServerName www.abcde.selfip.com
ServerAlias abcde.selfip.com
DocumentRoot /var/www/html/abcde/web --- here (html), i created the abcde folder and inside i created the web folder
</VirtualHost>

ok. i just made up that www.abcde.selfip.com at dyndns.com and it points to my external ip address ( modem's ip).
also.. in Fedora's menu bar , under System - Administration - Newtwork .. the DNSes are the ones provided by my ISP.

ok.. one thing i tried.. i saw this in fedora's manual (or.. book).. under the server's HTML GUI, and under the Main section, there they have "Available addresses: All available addresses on port 80". this is where you say what addresses should Apache listen for requests. well.. if i go there and set that to be "All addresses on port 80" or even just one address.. and then.. i restart httpd, it fails, it says something like.. make_sock couldn't bind to any address . and it fails. . so.. i just deleted that.. so i have nothing there.. so httpd can work normaly.
u think this might mean something?

also.. on HowToForge forum, .. Falko told me that.. if i bought a domain on a website.. i just have to make it point to my external IP (modem's ip).. and there on their website.. they have those primary and secondary name servers. So. he said that website will take care for the DNS.. so i don't have to create DNS records for my websites when i add them in ISPConfig. what do you think?
do i have to point any DNS to the domain.. ?

barf
25th May 2007, 05:52 AM
Lesson one DHCP. The router does not assign an address to a computer unless the computer asks for it. As you statically set the servers IP address as I told you in an earlier post you do not need to change it. Your name based virtual host should look like this.

# Use name-based virtual hosting.
#
NameVirtualHost *:80
#
# NOTE: NameVirtualHost cannot be used without a port specifier
# (e.g. :80) if mod_ssl is being used, due to the nature of the
# SSL protocol.
#

#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.

<VirtualHost *:80>
ServerAdmin webmaster@yoursite.com
DocumentRoot /var/www/html/yoursitefolder
ServerName www.yoursite.com
ServerAlias yoursite.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>

Under the main apache conf file you should also have.

# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, in addition to the default. See also the <VirtualHost>
# directive.
#
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
Listen 80

The DNS service translates yoursite .com to an IP address. So when you buy a Domain the DNS needs to be told that yoursite.com resolves to your public IP address. Some vendors will do this automatically others will not. Why not? cause you might not have an IP address to point it at.
Why are you using ISP Config.

razvan_vlad
25th May 2007, 06:01 AM
well.. that is pretty much what i have in my httpd.conf.. just that.. i see ur using *:80 instead the server's ip address (e.g 192.168.1.100:80) . imma try that. i wanna use ISPconfig .. so.. it will be easier to add a client to my server.. (like.. friends... ) and.. create new websites.. and so they can manage their websites. for example.. i wanna log on into my server while im gone.. and add a new website.

hmm that's interesting.. .. then.. why my website im created without ISPConfig won't load? it's like.. trying to connect to the page.. but it times out.. it seems like it does find that website but then.. it says can't connect to the server.
imma go ahead and turn my server on in like 3 mins and.. imma post the basic of my httpd.conf file so u can take a look.
thanks again

barf
25th May 2007, 06:32 AM
Computers do not work on pretty much the same 'A' is not the same as 'a'.

There is no IP in the directive as this is telling Apache where to Listen. If you put the servers IP in here you are telling it to listen to itself.

Did you check / set the computers IP address as described in post 6

razvan_vlad
25th May 2007, 06:39 AM
hmm. oke.. that makes sense. yes.. i did set the ip that way. so now the server's ip is 192.168.1.100... which is outside the router's DHCP range. but let me try to substitute the ip with the * .. in httpd.conf and see the result.

by the way.. ISPConfig does create a Vhost_config_file (something like that.. that's the name of the file) and.. it is included in httpd.conf.. (just one command line at the end of httpd.conf).
then.. in this file created by ISPConfig.. it creates the virtual hosts that way... with the server's ip address.
imma go ahead and log on onto my server now and.. post the httpd.conf and the file created by ISPConfig in a minute

razvan_vlad
25th May 2007, 06:57 AM
ok. here is step by step .. what i am doing:

i went online to www.dyndns.com and i created a free domain named www.abcde.selfip.com
here are the settings for this domain:
Hostname: abcde.selfip.com
IP Address: 24.211.xxx.xxx (this is the external ip which dyndns.com automatically finds it and = my modem's ip)
Wildcard: Y
Mail Exchanger: none
Backup MX: N

then.. here is virtual hosting part from my httpd.conf
(it does have Listen 80 included )
#<VirtualHost *:80>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>

<VirtualHost *:80>
ServerName www.abcde.selfip.com
ServerAlias abcde.selfip.com
ServerAdmin root@localhost
DocumentRoot /var/www/html/abcde/web
DirectoryIndex index.html index.htm index.php index.php5 index.php4 index.php3 index.shtml index.cgi index.pl index.jsp Default.htm default.htm
</VirtualHost>

<Directory /var/www/sharedip>
Options +Includes -Indexes
AllowOverride None
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<Files ~ "^\.ht">
Deny from all
</Files>
</Directory>

###############ispconfig_log###############
LogFormat "%v||||%b||||%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig
CustomLog "|/root/ispconfig/cronolog --symlink=/var/log/httpd/ispconfig_access_log /var/log/httpd/ispconfig_access_log_%Y_%m_%d" combined_ispconfig

<Directory /var/www/*/web>
Options +Includes -Indexes
AllowOverride None
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<Files ~ "^\.ht">
Deny from all
</Files>
</Directory>

<Directory /var/www/*/user/*/web>
Options +Includes -Indexes
AllowOverride None
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<Files ~ "^\.ht">
Deny from all
</Files>
</Directory>

<Directory /var/www/*/cgi-bin>
Options ExecCGI -Indexes
AllowOverride None
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<Files ~ "^\.ht">
Deny from all
</Files>
</Directory>

Include /etc/httpd/conf/vhosts/Vhosts_ispconfig.conf

as you can see the last line.. it includes the Vhost_ispconfig.conf which is created by ISPConfig.
below it Vhost_ispconfig.conf content:

###################################
#
# ISPConfig vHost Configuration File
# Version 1.0
#
###################################
#
NameVirtualHost 192.168.1.100:80
<VirtualHost 192.168.1.100:80>
ServerName localhost
ServerAdmin root@localhost
DocumentRoot /var/www/sharedip
</VirtualHost>
#
#
######################################
# Vhost: www.abcd.selfip.com:80
######################################
#
#
<VirtualHost 192.168.1.100:80>
SuexecUserGroup abcd.selfip web1
ServerName www.abcd.selfip.com:80
ServerAdmin webmaster@abcd.selfip.com
DocumentRoot /var/www/html/web1/web
ServerAlias abcd.selfip.com
DirectoryIndex index.html index.htm index.php index.php5 index.php4 index.php3 index.shtml index.cgi index.pl index.jsp Default.htm default.htm
ScriptAlias /cgi-bin/ /var/www/html/web1/cgi-bin/
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
ErrorLog /var/www/html/web1/log/error.log
AddType application/x-httpd-php .php .php3 .php4 .php5
<Files *.php>
SetOutputFilter PHP
SetInputFilter PHP
</Files>
<Files *.php3>
SetOutputFilter PHP
SetInputFilter PHP
</Files>
<Files *.php4>
SetOutputFilter PHP
SetInputFilter PHP
</Files>
<Files *.php5>
SetOutputFilter PHP
SetInputFilter PHP
</Files>
php_admin_flag safe_mode On
php_admin_value open_basedir /var/www/html/web1/
php_admin_value file_uploads 1
php_admin_value upload_tmp_dir /var/www/html/web1/phptmp/
php_admin_value session.save_path /var/www/html/web1/phptmp/
Alias /error/ "/var/www/html/web1/web/error/"
ErrorDocument 400 /error/invalidSyntax.html
ErrorDocument 401 /error/authorizationRequired.html
ErrorDocument 403 /error/forbidden.html
ErrorDocument 404 /error/fileNotFound.html
ErrorDocument 405 /error/methodNotAllowed.html
ErrorDocument 500 /error/internalServerError.html
ErrorDocument 503 /error/overloaded.html
AliasMatch ^/~([^/]+)(/(.*))? /var/www/html/web1/user/$1/web/$3
AliasMatch ^/users/([^/]+)(/(.*))? /var/www/html/web1/user/$1/web/$3
</VirtualHost>

www.abcd.selfip.com is the website i created with ISPConfig.
www.abcde.selfip.com is the one i made it up.. without using ISPconfig.

hope this will let you see it there's any problem.

barf
25th May 2007, 07:12 AM
NameVirtualHost *:80

Do you have that.

It would take me ages to plough through all that, soory buddy uoy're on your own from now on, read the logs.