This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

User with SSL website exceeds quota
#1
User with SSL website exceeds quota
Hello;

Today I found out, if a user who has SSL enabled exceeds their disk quota, it causes Apache2 to stop, an not start

Heres the Sentora generated vhost as normal:


Code:
# DOMAIN: youthinspire.dynamite.net.nz
<virtualhost *:443>
ServerName youthinspire.dynamite.net.nz
ServerAlias  www.youthinspire.dynamite.net.nz
ServerAdmin soa@dynamite.net.nz
DocumentRoot "/var/sentora/hostdata/youthinspire/public_html/youthinspire_org_nz"
ErrorLog "/var/sentora/logs/domains/youthinspire/youthinspire.dynamite.net.nz-error.log"
CustomLog "/var/sentora/logs/domains/youthinspire/youthinspire.dynamite.net.nz-access.log" combined
CustomLog "/var/sentora/logs/domains/youthinspire/youthinspire.dynamite.net.nz-bandwidth.log" common
<Directory "/var/sentora/hostdata/youthinspire/public_html/youthinspire_org_nz">
  Options +FollowSymLinks -Indexes
  AllowOverride All
  Require all granted
</Directory>
AddType application/x-httpd-php .php3 .php
ErrorDocument 510 /_errorpages/510.html
ErrorDocument 404 /_errorpages/404.html
ErrorDocument 500 /_errorpages/500.html
ErrorDocument 403 /_errorpages/403.html
DirectoryIndex index.php index.html index.htm index.asp index.aspx index.jsp index.jspa index.shtml index.shtm
# Custom Global Settings (if any exist)
#php_flag
engine off
<Directory /usr/share/php>
php_admin_value open_basedir none
</Directory>
<Directory /usr/lib/php5/20121212+lfs>
php_admin_value open_basedir none
</Directory>
# Custom VH settings (if any exist)
SSLEngine on
ServerName youthinspire.dynamite.net.nz
ServerAlias youthinspire.dynamite.net.nz
SSLCertificateFile "/var/ssl/youthinspire.dynamite.net.nz.crt"
SSLCertificateKeyFile "/var/ssl/youthinspire.dynamite.net.nz.key"
SSLCertificateChainFile /var/ssl/startssl_256bit/sca.server1.crt
SSLCACertificateFile /var/ssl/startssl_256bit/root.crt

</virtualhost>
# END DOMAIN: youthinspire.dynamite.net.nz
################################################################

Once they exceed their disk quota, the vhost is changed to

Code:
# DOMAIN: youthinspire.dynamite.net.nz
# THIS DOMAIN HAS BEEN DISABLED FOR QUOTA OVERAGE
<virtualhost *:443>
ServerName youthinspire.dynamite.net.nz
ServerAlias www.youthinspire.dynamite.net.nz
ServerAdmin soa@dynamite.net.nz
DocumentRoot "/etc/sentora/panel/etc/static/diskexceeded"
<Directory "/etc/sentora/panel/etc/static/diskexceeded">
  Options +FollowSymLinks -Indexes
  AllowOverride All
  Require all granted
</Directory>
AddType application/x-httpd-php .php3 .php
DirectoryIndex index.php index.html index.htm index.asp index.aspx index.jsp index.jspa index.shtml index.shtm
</virtualhost>
# END DOMAIN: youthinspire.dynamite.net.nz


This appears in the /var/log/apache2/error.log

Code:
[Mon Oct 17 14:03:52.351362 2016] [ssl:emerg] [pid 2070] AH02240: Server should be SSL-aware but has no certificate configured [Hint: SSLC$
[Mon Oct 17 14:03:52.351430 2016] [ssl:emerg] [pid 2070] AH02312: Fatal error initialising mod_ssl, exiting.


I can get Apache working again by altering /etc/sentora/configs/apache/httpd-vhosts.conf from:


Code:
Listen 80
Listen 443



to

Code:
Listen 80
Listen 443 http


Ofcource, next time theres any changes, this is wipped, and Apache2 dies again

Is there any way to keep the cert info in the vhost when the disk is exceeded?
Reply
Thanks given by:
#2
RE: User with SSL website exceeds quota
I guess not then?
Reply
Thanks given by:
#3
RE: User with SSL website exceeds quota
This would be a bug. It is because the SSL directives are not added to the exceeded vhost entry. It points to SSL 443 but there are no SSL certificates for it to load, therefore not letting apache restart without them.

Me.B
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Reply
Thanks given by:
#4
RE: User with SSL website exceeds quota
The vhost with the SSL is invalid and insecure and have nothing to do with the default setup in sentora.

M B
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Freelance AWS Certified Architect & SysOps// DevOps

10$ free to start your VPS
Reply
Thanks given by:
#5
RE: User with SSL website exceeds quota
If a client's account is flagged 'exceeded' then the domain should still work, but point to the exceeded holding page. The vhost still is attached to port 443 but there are no SSL paths to allow it to work. So, either the port needs to revert back to 80 or the SSL cert paths need to be added to the vhost so the exceeded page shows up.

This is a bug.
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Reply
Thanks given by:
#6
RE: User with SSL website exceeds quota
Hey;

In /etc/sentora/panel/modules/apache_admin/hooks/OnDaemonRun.hook.php

On lines 185 and 220
above:

Code:
$line .= "</virtualhost>" . fs_filehandler::NewLine();


Insert the following:

Code:
// Client custom vh entry
               $line .= "# Custom VH settings (if any exist)" . fs_filehandler::NewLine();
               $line .= $rowvhost['vh_custom_tx'] . fs_filehandler::NewLine();


Now when users exceed quotas, their custom vhost info is retained
Reply
Thanks given by: broady02
#7
RE: User with SSL website exceeds quota
Thanks for submitting to GitHub!
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Reply
Thanks given by:
#8
RE: User with SSL website exceeds quota
Will this be added to an update? This has caused massive headache, and prolonged downtime manually editing vhosts (removing all extra hosts) to get the panel back up to increase package size, then waiting for/running daemon to regenerate the hosts.

It's a bit a flaw to have to be on standby 24/7 for downtime when clients are uploading when the documentation supports letsencrypt.

These lines of code are a huge relief. Thank you immensely.
Reply
Thanks given by:
#9
RE: User with SSL website exceeds quota
Pushed to Master on GitHub.
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Reply
Thanks given by:


Possibly Related Threads…
Thread Author Replies Views Last Post
Split Website log files. spoonman 1 3 ,222 01-01-2022, 10:00 AM
Last Post: TGates
MySQL Database user prefix MosleyCale 1 4 ,866 10-17-2020, 09:11 PM
Last Post: Ron-e
Uploaded Website Not Updating GiantEspresso 3 6 ,780 04-19-2020, 09:57 PM
Last Post: Ron-e

Forum Jump:


Users browsing this thread: 1 Guest(s)