Jump to content
Froxlor Forum

rolo2912

Members
  • Content Count

    32
  • Joined

  • Last visited

  • Days Won

    1

rolo2912 last won the day on April 16

rolo2912 had the most liked content!

Community Reputation

7 Neutral

About rolo2912

  • Rank
    Advanced Froxie
  1. Ok, found the problem. Had made a mistake when setting up froxlor. Oracle assigns a public IP4 address, but the VM itself only has a private IP4 address. My wrong assumption was that to install froxlor I would need to use the public IP address. This was wrong. Added the private one under IP & Ports, changed this to the default, deleted the "public" IP4 addresses, run the master cronjob and https is working. Lesson: If ifconfig only has a private IP4, use this one for froxlor. Thank you once more d00p for the support offered.
  2. Really appreciate your feedback. a2enmod ssl, yes. root@server6:/home/ubuntu# a2enmod ssl Considering dependency setenvif for ssl: Module setenvif already enabled Considering dependency mime for ssl: Module mime already enabled Considering dependency socache_shmcb for ssl: Module socache_shmcb already enabled Module ssl already enabled root@server6:/home/ubuntu# I am pretty certain it has something to do with the Oracle Cloud server setup. Something with the Virtual Nentwork adapter, the proxies in between etc. Not an expert on this and only a novice froxlor user so a bit over my head. Maybe one day somebody will pass by this forum entry and might have the solution for it. For now, it seems like not a good idea to use oracle cloud service for a LAMPF stack. I really like to thank you, d00p. Amazed at the level of support that you are offering via this forum. Hope the new adventure froxlor.com works our for you and your partners.
  3. Thank you for your feedback. root@server6:/etc/apache2# netstat -anp | grep apache tcp6 0 0 :::80 :::* LISTEN 2507/2 tcp6 0 0 :::443 :::* LISTEN 2507/2 Browsing 132.145.59.212:443 pulls up the Apache/Ubuntu Default page.
  4. Thank you very much for this hint. The normal error log had nothing to offer. Switched SSL engine log level debug on. The result is not of help to me. Suppose the problem is here: AH00566: request failed: malformed request line. Even google has no answer for this one but all the results from google point to some sort of proxy problem. After all it seems to be a problem with the Oracle Cloud Server environment. For reference sake log-file included. [Wed Apr 15 08:54:56.429622 2020] [ssl:info] [pid 1761] AH01876: mod_ssl/2.4.29 compiled against Server: Apache/2.4.29, Library: OpenSSL/1.1.1 [Wed Apr 15 08:54:56.484136 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(401): AH00821: shmcb_init allocated 131072 bytes of shared memory [Wed Apr 15 08:54:56.484152 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(417): AH00822: for 130984 bytes (131072 including header), recommending 4 subcaches, 21 indexes each [Wed Apr 15 08:54:56.484155 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(450): AH00824: shmcb_init_memory choices follow [Wed Apr 15 08:54:56.484157 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(452): AH00825: subcache_num = 4 [Wed Apr 15 08:54:56.484160 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(454): AH00826: subcache_size = 32744 [Wed Apr 15 08:54:56.484162 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(456): AH00827: subcache_data_offset = 520 [Wed Apr 15 08:54:56.484164 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(458): AH00828: subcache_data_size = 32224 [Wed Apr 15 08:54:56.484166 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(460): AH00829: index_num = 21 [Wed Apr 15 08:54:56.484179 2020] [socache_shmcb:info] [pid 1772] AH00830: Shared memory socache initialised [Wed Apr 15 08:54:56.484191 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(401): AH00821: shmcb_init allocated 512000 bytes of shared memory [Wed Apr 15 08:54:56.484206 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(417): AH00822: for 511912 bytes (512000 including header), recommending 32 subcaches, 88 indexes each [Wed Apr 15 08:54:56.484209 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(450): AH00824: shmcb_init_memory choices follow [Wed Apr 15 08:54:56.484211 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(452): AH00825: subcache_num = 32 [Wed Apr 15 08:54:56.484213 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(454): AH00826: subcache_size = 15992 [Wed Apr 15 08:54:56.484215 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(456): AH00827: subcache_data_offset = 2128 [Wed Apr 15 08:54:56.484217 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(458): AH00828: subcache_data_size = 13864 [Wed Apr 15 08:54:56.484220 2020] [socache_shmcb:debug] [pid 1772] mod_socache_shmcb.c(460): AH00829: index_num = 88 [Wed Apr 15 08:54:56.484292 2020] [socache_shmcb:info] [pid 1772] AH00830: Shared memory socache initialised [Wed Apr 15 08:54:56.484315 2020] [ssl:info] [pid 1772] AH01887: Init: Initializing (virtual) servers for SSL [Wed Apr 15 08:54:56.484345 2020] [ssl:info] [pid 1772] AH01914: Configuring server server6.servo-tec.com:443 for SSL protocol [Wed Apr 15 08:54:56.484350 2020] [ssl:debug] [pid 1772] ssl_engine_init.c(1705): AH: Init: (server6.servo-tec.com:443) mod_md support is unavailable. [Wed Apr 15 08:54:56.484769 2020] [ssl:debug] [pid 1772] ssl_engine_init.c(1989): AH02209: CA certificate: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US [Wed Apr 15 08:54:56.484978 2020] [ssl:debug] [pid 1772] ssl_engine_init.c(1118): AH01904: Configuring server certificate chain (1 CA certificate) [Wed Apr 15 08:54:56.484985 2020] [ssl:debug] [pid 1772] ssl_engine_init.c(492): AH01893: Configuring TLS extension handling [Wed Apr 15 08:54:56.485199 2020] [ssl:debug] [pid 1772] ssl_util_ssl.c(470): AH02412: [server6.servo-tec.com:443] Cert matches for name 'server6.servo-tec.com' [subject: CN=server6.servo-tec.com / issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US / serial: 04BBD791C75F48379F495B5E4DC6C68DFA5A / notbefore: Apr 13 05:31:45 2020 GMT / notafter: Jul 12 05:31:45 2020 GMT] [Wed Apr 15 08:54:56.485226 2020] [ssl:info] [pid 1772] AH02568: Certificate and private key server6.servo-tec.com:443:0 configured from /etc/ssl/froxlor-custom/server6.servo-tec.com.crt and /etc/ssl/froxlor-custom/server6.servo-tec.com.key [Wed Apr 15 08:54:56.485321 2020] [ssl:info] [pid 1772] AH01876: mod_ssl/2.4.29 compiled against Server: Apache/2.4.29, Library: OpenSSL/1.1.1 [Wed Apr 15 08:54:56.485347 2020] [watchdog:debug] [pid 1772] mod_watchdog.c(454): AH010033: Watchdog: Running with WatchdogInterval 1000ms [Wed Apr 15 08:54:56.485352 2020] [watchdog:debug] [pid 1772] mod_watchdog.c(462): AH02974: Watchdog: found parent providers. [Wed Apr 15 08:54:56.485356 2020] [watchdog:debug] [pid 1772] mod_watchdog.c(508): AH02977: Watchdog: found child providers. [Wed Apr 15 08:54:56.485358 2020] [watchdog:debug] [pid 1772] mod_watchdog.c(516): AH02978: Watchdog: Looking for child (_singleton_). [Wed Apr 15 08:54:56.485362 2020] [watchdog:debug] [pid 1772] mod_watchdog.c(516): AH02978: Watchdog: Looking for child (_default_). [Wed Apr 15 08:54:56.488694 2020] [mpm_prefork:notice] [pid 1772] AH00163: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1 configured -- resuming normal operations [Wed Apr 15 08:54:56.488710 2020] [mpm_prefork:info] [pid 1772] AH00164: Server built: 2020-03-13T12:26:16 [Wed Apr 15 08:54:56.488717 2020] [core:notice] [pid 1772] AH00094: Command line: '/usr/sbin/apache2' [Wed Apr 15 08:54:56.488720 2020] [core:debug] [pid 1772] log.c(1570): AH02639: Using SO_REUSEPORT: yes (1) [Wed Apr 15 08:54:56.488723 2020] [mpm_prefork:debug] [pid 1772] prefork.c(919): AH00165: Accept mutex: sysvsem (default: sysvsem) [Wed Apr 15 08:54:56.525530 2020] [watchdog:debug] [pid 1778] mod_watchdog.c(565): AH02980: Watchdog: nothing configured? [Wed Apr 15 08:54:56.525641 2020] [watchdog:debug] [pid 1777] mod_watchdog.c(565): AH02980: Watchdog: nothing configured? [Wed Apr 15 08:54:56.526269 2020] [watchdog:debug] [pid 1775] mod_watchdog.c(565): AH02980: Watchdog: nothing configured? [Wed Apr 15 08:54:56.526771 2020] [watchdog:debug] [pid 1776] mod_watchdog.c(565): AH02980: Watchdog: nothing configured? [Wed Apr 15 08:54:56.527876 2020] [watchdog:debug] [pid 1774] mod_watchdog.c(565): AH02980: Watchdog: nothing configured? [Wed Apr 15 08:59:29.772117 2020] [watchdog:debug] [pid 1825] mod_watchdog.c(565): AH02980: Watchdog: nothing configured? [Wed Apr 15 09:04:39.906478 2020] [core:debug] [pid 1777] protocol.c(1278): [client 162.xxx.128.xxx:49410] AH00566: request failed: malformed request line [Wed Apr 15 09:10:39.891356 2020] [core:debug] [pid 1774] protocol.c(1278): [client 107.xxx.23.xxx:47495] AH00566: request failed: malformed request line [Wed Apr 15 09:12:32.955657 2020] [core:debug] [pid 1825] protocol.c(1278): [client 45.xxx.108.xx:534] AH00566: request failed: malformed request line [Wed Apr 15 09:15:39.793681 2020] [core:debug] [pid 1778] protocol.c(1278): [client 130.xxx.xxx.xxx:48720] AH00566: request failed: malformed request line [Wed Apr 15 09:15:45.464095 2020] [core:debug] [pid 1777] protocol.c(1278): [client 130.xxx.xxx.xxx:48742] AH00566: request failed: malformed request line [Wed Apr 15 09:15:47.819096 2020] [core:debug] [pid 1775] protocol.c(1278): [client 130.xxx.xxx.xxx:48744] AH00566: request failed: malformed request line [Wed Apr 15 09:15:49.463358 2020] [core:debug] [pid 1776] protocol.c(1278): [client 130.xxx.xxx.xxx:48746] AH00566: request failed: malformed request line
  5. All, is anyone running froxlor on an Oracle Cloud Service Server and has ssl working on it? Froxlor setup is working fine. LetsEncrypt enabled and Cert installed. The vhost container looks ok as well (AFAIK) Port 443 is open as well. Browsing 132.145.59.212:443 pulls up the Apache/Ubuntu Default page. Nevertheless trying to https://server6.servo-tec.com comes back with Error code: SSL_ERROR_RX_RECORD_TOO_LONG All that I can think of now is the Oracle Cloud environment somehow blocking the Cert. openssl s_client -showcerts -connect server6.servo-tec.com:443 comes back with no peer certificate availabe. Any hints are very welcome. Thank you.
  6. Hi all, Behind schedule on this but I am still running php v. 5.5.9.1 on my froxlor server. Having some "old" scripts running I would like to have v7 running site by site with the old, non-supported version. I am running php as FCGI so my question is how I can install v7. Unfortunatly I could not find anything in the wiki or documentation about it. Some information out on the web suggest to do the following: add-apt-repository ppa:ondrej/php apt-get update apt install php7.1 Will doing this keep the current php version running? How can the v7 be used in froxlor --> php configurations. At present php binary points to /usr/bin/php-cgi and file extension is php. Any information or hint is welcome. Thank you in advance.
  7. Ok, very sorry for this. Running all the cron-jobs in the world did not restart the apache webserver because there was an error in one of the SSL config files. So no reload of the webserver was done and hence the cert request not updated. Fixed this temporarily and restarted apache manually and it worked again.
  8. Bit clueless about this on. Have letsencrypt running for a good number of month. Works perfect so far. Now on domain is giving me trouble. At present the error message is: Connection not secure ... Advanced: https://www.pharmabrutscher.de/ Peer’s Certificate has expired. HTTP Strict Transport Security: false HTTP Public Key Pinning: false Checking the setting I found that the SSL Cert had expired. I have deleted the Cert, deleted the files in /etc/ssl/froxlor-custom and removed 2 alias domains (just in case that is giving troubles). Removing the SSL support and LetsEncrypt features in the domain and adding them again trigged the creation of a new cert and under SSL it apears to be valid. Still both firefox and chrome complain about an expired certificated. What am I missing here? Not too sure what is meant by Peers Certificate? All other Certs are running perfectly and get updated. Maybe someone can kindly give me a hint in the right direction. Very much appreciated. Thank you.
  9. In an earlier post it was mentioned: not from within the panel...but just add something like this to a manually created config file that you are able to include in apache.conf I tried the following: In the apache2.conf I added this: IncludeOptional sites-enabled_froxlor/*.conf In the newly created folder I added a file froxlor.conf with the following content: <Directory "/var/www/froxlor/"> Options -Indexes AuthType Basic AuthName "Restricted Area" AuthUserFile /etc/apache2/froxlor_htpasswd/froxlor.htpasswd require valid-user </Directory> The password file is stored in the /etc/apache2/froxlor_htpasswd/froxlor.htpasswd file. However the Apache is not picking up the directions. It is reading the file froxlor.conf for sure. If for example the </Directory> is missing it gives an error message on restart. My guess is, that it is ignored, because the file 10_froxlor_ipandport_xx.xxx.xxx.xx.xx.conf contains the <Virtual Host> including the <Director> options for the var/www/froxlor directory and everything outside the Virtual Host is ignored. Is there any possibility to get the Baisc Authentification working for the froxlor directory? Thank you for any hint.
  10. Is the setting causing problems when using the Email forwarding to an external email address? IE: email address abcdef@adomainonfroxlorserver.com forward to abcdef@gmail.com
  11. Thanks for your quick response. I am using external nameservers, so can you tell me, please, what the standard TXT Record is that is used in froxlor?
  12. Just wondering, is anyone using DMARC or SFP settings on the Nameservers to protect against spoofing. Never noticed it before but on gmail they seem to check against sfp settings. Before: Received-SPF: none (google.com: info@xxxxxxxxxxxxx.ie does not designate permitted sender hosts) client-ip=xx.xxx.xxx.xxx; Authentication-Results: mx.google.com; spf=neutral (google.com: info@xxxxxxxxxxxxx.ie does not designate permitted sender hosts) smtp.mail=info@xxxxxxxxxxxx.ie Received: from www.xxxxxxxxxxxx.ie (xxxxxxx.xxxxxxserver.net [xx.xxx.xxx.xxx]) After adding a TXT record to the Nameserver: TXT "v=spf1 mx -all" Authentication-Results: mx.google.com; spf=pass (google.com: domain of info@xxxxxxxxxxxxx.ie designates xx.xxx.xxx.xxx as permitted sender) smtp.mail=info@xxxxxxxxxxxx.ieReceived: from www.xxxxxxxxxxxx.ie (xxxxxxxxxx.xxxxxxxxserver.net [xx.xxx.xxx.xxx]) by xxxxxxxxxx.xxxxxxxxserver.net (Postfix) with ESMTPA id fsdasdsdafsfdxxsdfadsf My Questions: 1. Did anyone implement this on all the domains running on a froxlor server? 2. If Yes, what record did they use? 3. Is there anything to watch out for? IE. The sender domain is not the one specified in the Postfix-Configuration. Does this cause problems? Thank you for any feedback. Regards, rolo2912
  13. My 1 cent thoughts : google ads if needs to be. It is extremly pleasent to have a forum without any adds. Maybe 2 versions of the forum (with/without ads); pay for without. It would be interesting to see how many users (servers) are out there using froxlor. This would give an idea how much could be raised. pay for features, good idea. sponsers, yes. Is this option currently available ?
×
×
  • Create New...