llucps

I'll probably have to do that, I'll try to follow https://docs.froxlor.org/latest/admin-guide/configuration/php-fpm/ Fingers crossed Thanks

Yes I'll try to look into this.. just a bit lost where to look.

with you patch and test.php with <?php phpinfo(); ?> same result, Internal Server Error

I there is no solution, I'll try to look into the php-fpm.. just nervous about a migration that's all. It's really strange since the fcgi package apparently has not changed on Trixie, and I have another server running Bookworm and Froxlor 2.3.0, after launching the cron job I get the same permissions and no Internal Server Error and no errors on suexec, it all works fine. /var/www/php-fcgi-scripts # ls -la total 20 drwxr-xr-x 5 root root 4096 Dec 9 15:26 . drwxr-xr-x 10 root root 4096 Oct 30 15:38 .. drwxr-xr-x 22 root root 4096 Dec 9 15:26 development drwxr-xr-x 3 root root 4096 Dec 9 15:26 froxlor.panelI'll join discord, let me try with your patch and get back to you. Thanks.

Launching the cron job without your patch I'm getting the same permission on domain and customer level: /var/www/php-fcgi-scripts # ls -la total 16 drwxr-xr-x 4 root root 4096 Dec 9 15:17 . drwxr-xr-x 8 root root 4096 Dec 27 2023 .. drwxrwxr-x 3 root root 4096 Dec 9 15:17 froxlor.panel/var/www/php-fcgi-scripts/froxlor.panel # ls -la total 12 drwxrwxr-x 3 root root 4096 Dec 9 15:17 . drwxr-xr-x 4 root root 4096 Dec 9 15:17 .. drwxrwxr-x 2 froxlorlocal froxlorlocal 4096 Dec 9 15:17 xxxxxx.xxxThe inside xxxxx.xxx the domain I get different permissions: /var/www/php-fcgi-scripts/froxlor.panel/xxxxxx.xxx # ls -la total 16 drwxrwxr-x 2 froxlorlocal froxlorlocal 4096 Dec 9 15:17 . drwxrwxr-x 3 root root 4096 Dec 9 15:17 .. -rwxr-x--- 1 froxlorlocal froxlorlocal 507 Dec 9 15:17 php-fcgi-starter -rw-r--r-- 1 root root 2068 Dec 9 15:17 php.iniI created the test.php inside /var/www/html/ and Internal Server Error there too when running the cron job without your patch

To recap.. these are all the cases and errors I was able to find: If I remove your patch and run the cron job I get the following to errors /var/log/apache2/suexec.log [2025-12-09 14:53:52]: uid: (10004/xxxxx) gid: (10004/xxxxx) cmd: php-fcgi-starter [2025-12-09 14:53:52]: directory is writable by others: (/var/www/php-fcgi-scripts/xxxx/xxxxx.org)/var/customers/logs/xxx-error.log [Tue Dec 09 14:36:55.663475 2025] [fcgid:warn] [pid 70913:tid 70913] (104)Connection reset by peer: [client xxx.xxx.xxx.xxx:40798] mod_fcgid: error reading data from FastCGI server [Tue Dec 09 14:36:55.663591 2025] [core:error] [pid 70913:tid 70913] [client xxx.xxx.xxx.xxx:40798] End of script output before headers: index.phpThe result is permissions and Internal Server Error /var/www/php-fcgi-scripts/ total 16 drwxr-xr-x 4 root root 4096 Dec 8 14:51 . drwxr-xr-x 8 root root 4096 Dec 27 2023 .. drwxrwxr-x 3 root root 4096 Dec 8 14:51 froxlor.panel drwxrwxr-x 5 root root 4096 Dec 8 14:51 xxxxIf I apply your patch I get only the error on apache logs /var/customers/logs/xxx-error.log [Tue Dec 09 14:36:55.663475 2025] [fcgid:warn] [pid 70913:tid 70913] (104)Connection reset by peer: [client xxx.xxx.xxx.xxx:40798] mod_fcgid: error reading data from FastCGI server [Tue Dec 09 14:36:55.663591 2025] [core:error] [pid 70913:tid 70913] [client xxx.xxx.xxx.xxx:40798] End of script output before headers: index.phpNo errors on /var/log/apache2/suexec.log And the same permissions /var/www/php-fcgi-scripts/ total 16 drwxr-xr-x 4 root root 4096 Dec 8 14:51 . drwxr-xr-x 8 root root 4096 Dec 27 2023 .. drwxrwxr-x 3 root root 4096 Dec 8 14:51 froxlor.panel drwxrwxr-x 5 root root 4096 Dec 8 14:51 xxxxSo, for the moment the only trick is to use 755 on your patch. I don't know where else to look

So, putting back your original 0750 permissions, I see the suexec does not complain but still getting Internal Server Error. I'm getting this from apache logs: [Tue Dec 09 14:36:55.663475 2025] [fcgid:warn] [pid 70913:tid 70913] (104)Connection reset by peer: [client xxx.xxx.xxx.xxx:40798] mod_fcgid: error reading data from FastCGI server [Tue Dec 09 14:36:55.663591 2025] [core:error] [pid 70913:tid 70913] [client xxx.xxx.xxx.xxx:40798] End of script output before headers: index.phpThis is the only error I could find. Do you need data from PHPinfo() ? I'm trying to think other logs that I could look at..

I had to change the chmod to 0755 you had 0750, otherwise I was still getting Internal Server Errors, I guess that was mistake? But other than that, yes that seems to fix the problem. Will you apply that patch for the next Froxlor update? Thanks!

Sorry for the mess.. As you said the correct permissions are 755. Every time the cron job runs it changes the permissions to 775, which is wrong, the suexec complains and I get internal server errors trying to go to any of the websites hosted on the server. When that happens if I manually change the permissions of all directories inside /var/www/php-fcgi-scripts/ to 755 it works again, suexec is happy and websites work just fine. So the problem is the cron job php /var/www/html/froxlor/bin/froxlor-cli froxlor:cron -d -r 1 changing the permissions of the directories inside /var/www/php-fcgi-scripts/ to 775 like this: total 16 drwxr-xr-x 4 root root 4096 Dec 8 14:51 . drwxr-xr-x 8 root root 4096 Dec 27 2023 .. drwxrwxr-x 3 root root 4096 Dec 8 14:51 froxlor.panel drwxrwxr-x 5 root root 4096 Dec 8 14:51 xxxxand I don't know why

sorry.. my mistake. It changes the permissions to 775, so when the cron runs php /var/www/html/froxlor/bin/froxlor-cli froxlor:cron -d -r 1the result is total 16 drwxr-xr-x 4 root root 4096 Dec 8 14:51 . drwxr-xr-x 8 root root 4096 Dec 27 2023 .. drwxrwxr-x 3 root root 4096 Dec 8 14:51 froxlor.panel drwxrwxr-x 5 root root 4096 Dec 8 14:51 xxxx

Sorry about that. The folder is /var/www/php-cgi-scripts/Yes it seems strange but when Froxlor runs the cron task with php /var/www/html/froxlor/bin/froxlor-cli froxlor:cron -d -r 1It changes ht permissions indside the /var/www/php-cgi-scripts/ folder from: total 16 drwxr-xr-x 4 root root 4096 Dec 8 14:51 . drwxr-xr-x 8 root root 4096 Dec 27 2023 .. drwxrwxr-x 3 root root 4096 Dec 8 14:51 froxlor.panel drwxrwxr-x 5 root root 4096 Dec 8 14:51 xxxxto total 16 drwxr-xr-x 4 root root 4096 Dec 8 15:46 . drwxr-xr-x 8 root root 4096 Dec 27 2023 .. drwxr-xr-x 3 root root 4096 Dec 8 15:46 froxlor.panel drwxr-xr-x 5 root root 4096 Dec 8 15:46 xxxxFYI the /var/www/php-cgi-scripts/ permissions are: drwxr-xr-x 4 root root 4096 Dec 8 17:36 php-fcgi-scriptsI can't see where Froxlor is doing that,, for the moment I just created a cronjob chaning those permissions every 1 minute, but obvisouly is not ideal Thanks

I'm trying to debug a bit more and it happens when launching the cron tasks php /var/www/html/froxlor/bin/froxlor-cli froxlor:cron -d -r 1Checking froxlor file permissions...OK Running "tasks" job (debug) [information] TasksCron: Searching for tasks to do [information] Running Let's Encrypt cronjob prior to regenerating webserver config files [information] Checking for LetsEncrypt client upgrades before renewing certificates:_[Mon Dec 8 05:36:42 PM CET 2025] Already up to date!_[Mon Dec 8 05:36:42 PM CET 2025] Upgrade successful!_[Mon Dec 8 05:36:43 PM CET 2025] Installing cron job_3 0 _ _ _ "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" 2__1_[Mon Dec 8 05:36:43 PM CET 2025] Changed default CA to: https://acme-v02.api.letsencrypt.org/directory [information] No new certificates or certificate updates found [information] apache::createIpPort: creating ip/port settings for xxx.xxx.xxx.xxx:80 [debug] xxx.xxx.xxx.xxx:80 :: inserted vhostcontainer [information] apache::createIpPort: creating ip/port settings for xxx.xxx.xxx.xxx:443 [debug] xxx.xxx.xxx.xxx:443 :: inserted vhostcontainer [information] apache::createVirtualHosts: creating vhost container for domain 15, customer xxxx [information] apache::createVirtualHosts: creating vhost container for domain 8, customer xxxx [information] apache::createVirtualHosts: creating vhost container for domain 7, customer xxxx [information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/ [information] apache::writeConfigs: rebuilding /etc/apache2/htpasswd/ [information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/ [information] Froxlor\Cron\Http\ApacheFcgi::reload: reloading Froxlor\Cron\Http\ApacheFcgi [notice] Creating passwd file [notice] Writing 8 entries to passwd file [notice] Succesfully wrote passwd file [notice] Creating group file [notice] Writing 1 entries to group file [notice] Succesfully wrote group file [notice] Creating shadow file [notice] Writing 8 entries to shadow file [notice] Succesfully wrote shadow file [notice] Checking system's last guid [notice] Checking system's OS versionafter this the permissions change to: drwxrwxr-x

Yes I just checked that was well https://metadata.ftp-master.debian.org/changelogs//main/liba/libapache2-mod-fcgid/libapache2-mod-fcgid_2.3.9-4_changelog I'm no opposed to change to php-fpm, just not sure whether it's complicated or not. I'll look into it and see what implies to change.

HI there, After upgrading from Bookworm to Trixie I noticed Internal Server Errors when checking some of the websites. Looking at the logs I found out suexec was complaining about violation [2025-12-08 14:52:40]: directory is writable by others: (/var/www/php-fcgi-scripts/xxxx/xxxx.org)I checked the permissions of the /var/www/php-cgi-scripts with the following outcome total 16 drwxr-xr-x 4 root root 4096 Dec 8 14:51 . drwxr-xr-x 8 root root 4096 Dec 27 2023 .. drwxrwxr-x 3 root root 4096 Dec 8 14:51 froxlor.panel drwxrwxr-x 5 root root 4096 Dec 8 14:51 xxxxI manually changed the permissions to 755 and the websites worked again total 16 drwxr-xr-x 4 root root 4096 Dec 8 15:46 . drwxr-xr-x 8 root root 4096 Dec 27 2023 .. drwxr-xr-x 3 root root 4096 Dec 8 15:46 froxlor.panel drwxr-xr-x 5 root root 4096 Dec 8 15:46 xxxxThen I realized that the froxlor tasks overwrites those permissions of all the directories inside php-cgi-scripts directory with drwxrwxr-x Am I doing something wrong? this wasnt' a problem with bookworm. I'm using https://docs.froxlor.org/latest/admin-guide/configuration/fcgid/, well I've been using fast.cgi since when I first installed Froxlor 12 years ago. Any ideas? Do you need some other logs or info from my system to help debug this? Thank you, Lluc

Yes you're right, it was me that I had that redirection in place. I removed and I've been able to login just fine. Thank you

umm.. I'm confused, checking the domain on the Settings panel it seems to be correct: And the apache config file 10_froxlor_ipandport_xxx.xxx.xxx.443.conf:

Hi, After upgrading to Froxlor 2.1 I get this message: My main domain is not managed by Froxlor, but rather manually, mainly because back in the day Froxlor didn't support SSL wildcards certificates, so I managed the main domain myself. I'm guessing this is is the reason ? [other] Domains pointing to the server but are unmanaged by froxlor will now display a corresponding message Any idea of how to resolve this? I would like to keep my main domain as it was and not having Froxlor managing it if possible. Thanks.

Understood 👍 Thanks.

I recently upgraded one of my servers from 0.10.38 to 2.0.5 following the upgrade manual listed on the documentation, and all went well. This morning I saw there was an update to 2.0.7 and I updated with the the command ./bin/froxlor-cli froxlor:update And all went well as well. The weird this my Froxlor installation using the official deb repository wasn't were that I already updated to the latest 2.0.7 version. So I ran apt update and it also went well, but I already did have the latest version that I just installed. So, what's the best approach to update/upgrade Froxlor from now on? I'm a bit confused between apt update and the new Froxlor command ./bin/froxlor-cli froxlor:update Thanks.

I meant that as a compliment being the only thing I had to do following the migration guide which I re-read several times

Bravo! 👏👏👏👏 I had no idea that you're working on Froxlor revamp. It's been a nice surprise. Thank you! For the moment I just upgraded one of the two servers, the one with less services just in case. The only thing I had to do was commenting out the default_pass_scheme = CRYPT option Kudos to all the team @d00p P.D. I'm just curious about the new path to /var/www/html/ . Why of that change? Nevermind I see that that it was a frequent request https://github.com/Froxlor/Froxlor/issues/1068

Thanks @d00p!

Thank you!

I also encountered this problem a couple of weeks ago, suddenly acme.sh was trying to renew one of my domains using ZeroSSL, when in all my settings I explicitly had Letsencrypt as CA. I managed to fix the problem by registering and account with ZeroSSL, it's just a command which registers an account bu using an email, as it's explained here https://stackoverflow.com/questions/68538044/why-cant-write-certificate-crt-with-acme acme.sh --register-account -m yyyy@yahoo.com Once I did that then I was be able to create a new certificate with ZeroSSL, then because I didn't want to change Letsencrypt I forced a new certificate renewal by specifying /root/.acme.sh/acme.sh --home "/root/.acme.sh" --renew-all --debug 2 --log --server letsencrypt --force I still have no idea why acme.sh was trying to use ZeroSSL to issue new certificates, but it's been working fine since then.

Yes that was it, I changed to https://deb.froxlor.org/debian and it wored. Strange that has been working all the years, anyway. thanks! Lluc