Jump to content
Froxlor Forum


  • Content Count

  • Joined

  • Last visited

  • Days Won


Posts posted by Adramyttium

  1. Yeah, that exactly the thing I was confused about. From what I can see (and I certainly admit I may have missed something), the two IP/port combos I'm trying to delete don't seem to be used anywhere else in the system.

    One other thing I noticed recently, and I have no idea is this plays into my problem or not, but for the customer I created ('Practice') I created two test email addresses and corresponding accounts for both hosted domains on my froxlor. Then I decided against using email. I went in and first deleted each of the email accounts and then deleted email addresses themselves for those domains. However, if I look at the admin and customer stats, it still shows that two email address and accounts still exist.

    Again, thanks for your help. I'll get some credentials for the machine and froxlor as soon as I can. I'm at my day job at the moment.





  2. I have froxlor configured to use SSL with Let's Encrypt, and have the system set up to auto redirect to SSL (https) if the user tried to navigate to the froxlor admin with http.

    The problem: When froxlor redirects automatically to SSL, is attempt to do so using port 993, rather than port 443. As a result the page doesn't load.

    Originally, I set up only two IPs in froxlor, one for standard web hosting traffic (port 80), and one for SSL web traffic (port 443)

    At one point, I thought I'd use froxlor for email, so I created two additional IP entries for ports 143 and 993.

    Because the redirect was trying to load froxlor on 993, I thought I would simply delete that IP/port, along with the other unused email port 143.

    But I'm prevented from doing so by froxlor, which gives the error for both ports:

    You cannot delete the last system IP, either create a new IP/Port combination for the system IP or change the system IP.

    None of the domains I'm hosting is configured to use the unused IP/port combos, so I'm not sure if this is a bug or not.

    Any help would be appreciated.

    EDITED: I'm currently running 0.10.13


  3. I have set up my froxlor server for email. I have a domain that I'd like to test this out.

    I have set up my domain, "orangekarat.com". This is an email domain.

    I have created one email address with an associated email account and password.

    I have opened up ports 143 and 993 for IMAP messages in froxlor.

    Is this all I need to do, or are there other steps?

    In trying to use the account in a third-party email app, what configurations should I specify?


    Of course this is new to me, so if you have a guide you could recommend for my study, that would be awesome.

  4. I'm running Froxlor on Unbuntu 18.04 having installed the product via apt repository.

    I've successfully changed settings and run the necessary configurations. I chose to secure the froxlor webhost itself using Let's Encrypt. This was successful.

    I've also added a customer domain and secured that domain with SSL using a Let's Encrypt cert.

    So, the hostname of my froxlor webserver is 'admin.orangekarat.com.' SSL is enabled and Let's Encrypt encryption is working as expected.

    The customer domain is my personal domain, 'christopherdrew.com.' SSL is enabled and Let's Encrypt encryption is working as expected.

    Now I want to add another domain using my 'orangekarat.com' main business domain for my own business website. I'm able to add the domain and send traffic to is on port 80 as expected. However, when I try to enable SSL using Let's Encrypt, and error is generated and the SSL cert is not issued.

    For the domain, I have enabled SSL and checked the appropriate IP on port 443. I have also enabled SSL redirects and and checked "Use Let's Encrypt." When the "rebuild webserver-configuration job runs, the log throws the follow error"

    26.02.20 15:55:01 warning Practice Skipping Let's Encrypt generation for orangekarat.com due to an enabled ssl_redirect
    26.02.20 15:55:01 error system orangekarat.com :: empty certificate file! Cannot create ssl-directives

    I let the next pending "rebuild webserver-configuration" job run, and then this error appears:

    26.02.20 16:00:13 error system Could not get Let's Encrypt certificate for orangekarat.com: [Wed Feb 26 16:00:03 UTC 2020] Creating domain key [Wed Feb 26 16:00:05 UTC 2020] The domain key is here: /root/.acme.sh/orangekarat.com/orangekarat.com.key [Wed Feb 26 16:00:05 UTC 2020] Multi domain='DNS:orangekarat.com,DNS:www.orangekarat.com' [Wed Feb 26 16:00:05 UTC 2020] Getting domain auth token for each domain [Wed Feb 26 16:00:07 UTC 2020] Getting webroot for domain='orangekarat.com' [Wed Feb 26 16:00:07 UTC 2020] Getting webroot for domain='www.orangekarat.com' [Wed Feb 26 16:00:07 UTC 2020] orangekarat.com is already verified, skip http-01. [Wed Feb 26 16:00:07 UTC 2020] Verifying: www.orangekarat.com
    26.02.20 16:00:13 error system orangekarat.com :: empty certificate file! Cannot create ssl-directives

    I've confirmed that the 'orangekarat.com' domain is configured with a 'A' record in DNS. The 'admin' subdomain also has an 'A' record.

    I think the reason this is happening is because I've already secured the 'admin' subdomain on orangekarat.com. Is there a way to properly secure the main 'orangekarat.com' domain in this case?


  5. Very interesting. I just tried restarting apache2 from the command line and, sure enough, it failed. I checked the service status:

    sudo systemctl status apache2.service

    apache2.service - The Apache HTTP Server

       Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)

      Drop-In: /lib/systemd/system/apache2.service.d


       Active: failed (Result: exit-code) since Sat 2020-02-22 17:47:15 UTC; 49s ago

      Process: 13800 ExecStop=/usr/sbin/apachectl stop (code=exited, status=1/FAILURE)

      Process: 11724 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=1/FAILURE)

      Process: 13854 ExecStart=/usr/sbin/apachectl start (code=exited, status=1/FAILURE)

     Main PID: 898 (code=exited, status=0/SUCCESS)


    Feb 22 17:47:15 admin systemd[1]: Starting The Apache HTTP Server...

    Feb 22 17:47:15 admin apachectl[13854]: AH00526: Syntax error on line 5 of /etc/apache2/sites-enabled/03_froxlor_ocsp_cache.conf:

    Feb 22 17:47:15 admin apachectl[13854]: Invalid command 'SSLStaplingCache', perhaps misspelled or defined by a module not included in the server config

    Feb 22 17:47:15 admin apachectl[13854]: Action 'start' failed.

    Feb 22 17:47:15 admin apachectl[13854]: The Apache error log may have more information.

    Feb 22 17:47:15 admin systemd[1]: apache2.service: Control process exited, code=exited status=1

    Feb 22 17:47:15 admin systemd[1]: apache2.service: Failed with result 'exit-code'.

    Feb 22 17:47:15 admin systemd[1]: Failed to start The Apache HTTP Server.


    And now froxlor is down altogether. Very odd. I'll poke around some more.

  6. Well, I waited overnight for things to propagate, and I'm still getting the danged login screen. To try to further isolate the cause, I actually deleted the domain and the customer and decided to try again.

    So here is what I have:

    One domain with a single "A" @ DNS record pointing to the server IP address.

    I created a new customer in Froxlor.

    I added the domain to Froxlor (using domain.tld)

    The IP address is assigned to the domain using both ports 80 and 443.

    SSL redirect is off on 443 and I'm not using Let's Encrypt.

    Before clicking save, I checked the /var/customers/webs/ directory for the Customer name. It's there. I click save and a subdomain for the customer is created with /domain.ltd. The default froxlor index.html file appears, and I'm hoping to see that later on when I try to navigate to the domain.

    I then double check /etc/apache2/sites-enabled subdirectory. Here are the contents:

    lrwxrwxrwx 1 root root  35 Feb 20 23:49 000-default.conf -> ../sites-available/000-default.conf

    -rw-r--r-- 1 root root 230 Feb 22 14:25 03_froxlor_ocsp_cache.conf

    -rw-r--r-- 1 root root 264 Feb 22 14:25 05_froxlor_dirfix_nofcgid.conf

    -rw-r--r-- 1 root root 790 Feb 22 14:25 10_froxlor_ipandport_142.

    -rw-r--r-- 1 root root 621 Feb 22 14:25 10_froxlor_ipandport_142.

    -rw-r--r-- 1 root root 774 Feb 22 14:25 35_froxlor_normal_vhost_christopherdrew.com.conf

    -rw-r--r-- 1 root root 342 Feb 22 14:25 35_froxlor_ssl_vhost_christopherdrew.com.conf

    -rw-r--r-- 1 root root 409 Feb 22 14:25 40_froxlor_diroption_adc68c552ae13d6eff87cd61bec19296.conf

    The Listen statement for the ports are in the files prefixed with 10_

    I checked the contents of the 35_froxlor_normal vhost file and the document root for the domain is exactly what I expected: /var/customers/webs/CustomerName/domain.tld/

    I specified no domain alias.

    I make sure all the server config jobs run. And then, I attempt to navigate to http://domain.tld. Result: The froxlor login page.


    I'm probably missing something fundamental, but I just can't figure out what it is.

  7. 1 hour ago, d00p said:

    I hope you mean the files are placed in /etc/apache2/sites-enabled/ and not just /sites-enabled.

    If you want you can PM me access credentials to your server and I can check what's up there because basically this runs out of the box 

    Yes, they are in /etc/apache2/sites-enabled

    One more question: When I was setting things up, I changed the apache2 document root from /var/www/html to /var/www. Would that have caused some kind of issue?

    (And thank you for your quick replies!)


  8. On 11/3/2019 at 8:47 AM, d00p said:

    Check whether the vhosts are being generated correctly and are in the correct folder for the webserver to include. Also check DNS records of the domains and check whether the server and/or domains might be using ipv6 but you did not add the ipv6 address to froxlor, hence a request using ipv6 is always being answered using the default/first vhost the webserver can find.


    I'm totally new to this as well, and I'm experiencing a similar problem. Domains are going to the Froxlor login page. I've checked my DNS records and they are pointing to ipv4 addresses. The vhost files seems to be in place as expected (in /sites-enabled). The server itself is on a DigitialOcean and does not have ipv6 enabled. The files for the web domain seem to be in the correct document root directory. And yet, I get the login page. Any other ideas about what could check?

  • Create New...