I am having a little bit of problem getting Froxlor set up properly, with all domains that I create giving a 403 error when you access the site via http.
I am set up using the following config
ubuntu 18.04 lts
apache 2.4.29
php 7.2
php-fpm
mod_proxy_fcgi
libnss-extrausers
I have followed all the steps, and I think I have the correct boxes ticked, but I am obviously missing something somewhere along the lines. Any pointer in the right direction would be great.
When you go to the domain http://test.bearandbox.uk you get a 403 error with the following message
Forbidden
You don't have permission to access / on this server.
Server unable to read htaccess file, denying access to be safe
Apache/2.4.29 (Ubuntu) Server at test.bearandbox.uk Port 80
The logs give the following error
When I add a domain I get the following config in sites-available
<VirtualHost 167.99.95.176:80 [2a03:b0c0:1:e0::44a:1001]:80>
ServerName test.bearandbox.uk
ServerAdmin simon@bearandbox.uk
DocumentRoot "/var/customers/webs/bearbox/test.bearandbox.uk/"
<FilesMatch \.(php)$>
SetHandler proxy:unix:/var/lib/apache2/fastcgi/1-bearbox-test.bearandbox.uk-php-fpm.socket|fcgi://localhost
</FilesMatch>
<Directory "/var/customers/webs/bearbox/test.bearandbox.uk/">
Require all granted
AllowOverride All
</Directory>
Alias /webalizer "/var/customers/webs/bearbox/webalizer"
LogLevel warn
ErrorLog "/var/customers/logs/bearbox-error.log"
CustomLog "/var/customers/logs/bearbox-access.log" combined
</VirtualHost>
The file at /var/lib/extrausers looks like this
bearbox:x:10000:10000:Simon Yeldon:/var/customers/webs/bearbox/:/bin/false
the file in the php-fpm pool looks like this
;PHP-FPM configuration for "test.bearandbox.uk" created on 2019.05.21 10:30:01
[test.bearandbox.uk]
listen = /var/lib/apache2/fastcgi/1-bearbox-test.bearandbox.uk-php-fpm.socket
listen.owner = bearbox
listen.group = bearbox
listen.mode = 0660
user = bearbox
group = bearbox
pm = static
pm.max_children = 1
pm.max_requests = 0
;chroot = /var/customers/webs/bearbox/test.bearandbox.uk/
security.limit_extensions = .php
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /var/customers/tmp/bearbox/
env[TMPDIR] = /var/customers/tmp/bearbox/
env[TEMP] = /var/customers/tmp/bearbox/
php_admin_value[session.save_path] = /var/customers/tmp/bearbox/
php_admin_value[upload_tmp_dir] = /var/customers/tmp/bearbox/
php_admin_flag[allow_call_time_pass_reference] = Off
php_admin_flag[allow_url_fopen] = Off
php_flag[asp_tags] = Off
php_admin_value[disable_classes] =
php_admin_value[disable_functions] = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system
php_flag[display_errors] = Off
php_flag[display_startup_errors] = Off
php_admin_flag[enable_dl] = Off
php_value[error_reporting] = E_ALL & ~E_NOTICE
php_admin_flag[expose_php] = Off
php_admin_flag[file_uploads] = On
php_admin_flag[cgi.force_redirect] = 1
php_admin_value[gpc_order] = "GPC"
php_flag[html_errors] = Off
php_admin_flag[ignore_repeated_errors] = Off
php_admin_flag[ignore_repeated_source] = Off
php_value[include_path] = ".:/usr/share/php/:/usr/share/php5/"
php_flag[log_errors] = On
php_admin_flag[log_errors] = On
php_value[log_errors_max_len] = 1024
php_flag[magic_quotes_gpc] = Off
php_flag[magic_quotes_runtime] = Off
php_flag[magic_quotes_sybase] = Off
php_value[max_execution_time] = 30
php_admin_value[max_input_time] = 60
php_admin_value[memory_limit] = 128M
php_admin_value[open_basedir] = "/var/customers/webs/bearbox/test.bearandbox.uk:/var/customers/tmp/bearbox:/usr/share/php:/usr/share/php5:/tmp"
php_admin_value[output_buffering] = 4096
php_admin_value[post_max_size] = 16M
php_admin_value[precision] = 14
php_admin_flag[register_argc_argv] = Off
php_admin_flag[report_memleaks] = On
php_admin_value[sendmail_path] = "/usr/sbin/sendmail -t -i -f simon@bearandbox.uk"
php_value[session.auto_start] = 0
php_value[session.cookie_domain] =
php_value[session.cookie_lifetime] = 0
php_value[session.cookie_path] = /
php_admin_value[session.gc_divisor] = 1000
php_admin_value[session.gc_probability] = 1
php_value[session.name] = PHPSESSID
php_value[session.serialize_handler] = php
php_flag[session.use_cookies] = 1
php_flag[short_open_tag] = On
php_flag[suhosin.simulation] = Off
php_flag[track_errors] = Off
php_value[upload_max_filesize] = 32M
php_admin_value[variables_order] = "GPCS"
php_admin_value[opcache.restrict_api] = "/var/customers/webs/bearbox/test.bearandbox.uk/"
If I un-comment the chroot line, it works...
How do I fix this?