Ubuntu, Apache2, VirtualHosts & websites not working

H4015 · 06-25-2020, 02:57 AM

I am migrating a few websites from a Windows Server that is constantly being attacked to a new Ubuntu 18.04.4 LTS server.

https://www.digitalocean.com/communi...n-ubuntu-18-04

I found this article that I followed, we have two websites that are working that we accessed via IP. when it comes to setup the VirtualHosts there seems to be an issue.

I configure the host file to point to the correct internal IP, I am able to ping it. I access the first site and it shows me the HTML I created as a test landing page. When I try the second one, it keeps forcing me to https/443 and just says on Chrome, "This site can't be reached [url]www..com refused to connect.

From the server, I can see data coming from the TCPDump and it looks a little like this:

Code:

URL 1

07:41:29.016010 IP 192.168.57.3.58903 > psi-wordpress.http: Flags [SEW], seq 3592532184, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
07:41:29.016073 IP psi-wordpress.http > 192.168.57.3.58903: Flags [S.], seq 2825984840, ack 3592532185, win 64240, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
07:41:29.016239 IP 192.168.57.3.58903 > psi-wordpress.http: Flags [.], ack 1, win 8212, length 0
07:41:29.016900 IP 192.168.57.3.58904 > psi-wordpress.http: Flags [SEW], seq 1421737985, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
07:41:29.016916 IP psi-wordpress.http > 192.168.57.3.58904: Flags [S.], seq 460259591, ack 1421737986, win 64240, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
07:41:29.017018 IP 192.168.57.3.58904 > psi-wordpress.http: Flags [.], ack 1, win 8212, length 0
07:41:29.017678 IP 192.168.57.3.58903 > psi-wordpress.http: Flags [P.], seq 1:610, ack 1, win 8212, length 609: HTTP: GET / HTTP/1.1
07:41:29.017714 IP psi-wordpress.http > 192.168.57.3.58903: Flags [.], ack 610, win 501, length 0
07:41:29.018049 IP psi-wordpress.http > 192.168.57.3.58903: Flags [P.], seq 1:181, ack 610, win 501, length 180: HTTP: HTTP/1.1 304 Not Modified
07:41:29.067931 IP 192.168.57.3.58903 > psi-wordpress.http: Flags [.], ack 181, win 8211, length 0
07:41:30.472301 IP 192.168.57.3.58911 > psi-wordpress.https: Flags [SEW], seq 1786197277, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0

URL 1 shows me the content of the HTML file as expected.

Code:

URL2

07:41:30.472346 IP psi-wordpress.https > 192.168.57.3.58911: Flags [R.], seq 0, ack 1786197278, win 0, length 0
07:41:30.975592 IP 192.168.57.3.58911 > psi-wordpress.https: Flags [S], seq 1786197277, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
07:41:30.975631 IP psi-wordpress.https > 192.168.57.3.58911: Flags [R.], seq 0, ack 1, win 0, length 0
07:41:31.491257 IP 192.168.57.3.58911 > psi-wordpress.https: Flags [S], seq 1786197277, win 8192, options [mss 1460,nop,nop,sackOK], length 0
07:41:31.491296 IP psi-wordpress.https > 192.168.57.3.58911: Flags [R.], seq 0, ack 1, win 0, length 0
07:41:34.023202 IP psi-wordpress.http > 192.168.57.3.58903: Flags [F.], seq 181, ack 610, win 501, length 0
07:41:34.023373 IP 192.168.57.3.58903 > psi-wordpress.http: Flags [.], ack 182, win 8211, length 0
07:41:35.212318 IP 192.168.57.3.58903 > psi-wordpress.http: Flags [F.], seq 610, ack 182, win 8211, length 0
07:41:35.212353 IP psi-wordpress.http > 192.168.57.3.58903: Flags [.], ack 611, win 501, length 0
07:41:39.212397 IP 192.168.57.3.58904 > psi-wordpress.http: Flags [F.], seq 1, ack 1, win 8212, length 0
07:41:39.212564 IP psi-wordpress.http > 192.168.57.3.58904: Flags [F.], seq 1, ack 2, win 502, length 0
07:41:39.340798 IP 192.168.57.3.58904 > psi-wordpress.http: Flags [.], ack 2, win 8212, length 0
07:41:52.797405 IP 192.168.57.3.59056 > psi-wordpress.https: Flags [SEW], seq 76086843, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
07:41:52.797459 IP psi-wordpress.https > 192.168.57.3.59056: Flags [R.], seq 0, ack 76086844, win 0, length 0
07:41:53.049402 IP 192.168.57.3.59058 > psi-wordpress.https: Flags [SEW], seq 1485882608, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
07:41:53.049440 IP psi-wordpress.https > 192.168.57.3.59058: Flags [R.], seq 0, ack 1485882609, win 0, length 0
07:41:53.297248 IP 192.168.57.3.59056 > psi-wordpress.https: Flags [S], seq 76086843, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0

URL 2 keeps refusing the connection.

This is what /etc/apache2/sites-available look like for the respective sites

Code:

<VirtualHost *:80>
    ServerName url1.com
    ServerAlias www.url1.com
    DocumentRoot /var/www/url1.com/public_html
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin admin@url1.com
    ServerName url1.com
    ServerAlias www.url1.com
    DocumentRoot /var/www/url1.com/public_html
    <Directory /var/www/url1.com>
        Allowoverride all
    </Directory>
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

My little problem...

Code:

<VirtualHost *.80>
    ServerName url2.com
    ServerAlias www.url2.com
    DocumentRoot /var/www/url2.com/public_html
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin admin@url2.com
    ServerName url2.com
    ServerAlias www.url2.com
    DocumentRoot /var/www/url2.com/public_html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Looking at /var/log/apache2/error.log it does not show any issues for today either.

Any idea what I might be doing wrong? I have scoured the internet and found no working solution yet.

frankbell · 06-25-2020, 08:01 PM

It might help to have a link to the article you refer to.

This is a shot in the dark, but, if the site(s) have new ip addresses, it can take some time for changes in the DNS record to propagate across the net. Most hosting services will tell you to allow at least 24 hours, but it's usually less.

scasey · 06-25-2020, 08:17 PM

Are you sure that the hosts file is correct?
Is the computer you're connecting from on the same network as the server?
I don’t see reference to the security certificate within the 443 virtual host definition. 443 connections need a cert.
You are restarting the web server after each change, yes?
What does the access log for each domain site say? How does the working one differ from the non-working one? Oh, you have both sites going to the same logs...I recommend separating log files by domain.

diksha_rh · 06-25-2020, 08:59 PM

Hello,

First, we cannot use two different ports in the same configuration file. If you have these two different ports in a single configuration file, then remove from there.

Meanwhile, May I know which two directories you have created for websites?

Thank You,
Diksha

bathory · 06-27-2020, 02:01 AM

@OP

Quote:

This is what /etc/apache2/sites-available look like for the respective sites
<-snip->

Having vhosts config files under that directory does not necessarily means that these vhosts are enabled.
You need to run "a2ensite ..." to enable the vhost(s) you want.

BTW, you can use the following command to see what vhosts are enabled in your ubuntu server:

Code:

apache2ctl -S

Regards

vincix · 06-29-2020, 02:50 PM

And why are you using tcpdump as the first tool to debug this? Not that tcpdump is a bad idea, far from it, but you should be looking into the apache logs. And if you really use tcpdump, you should be searching for the server name and all that.

This might work, but I'm not very sure:

Code:

tcpdump -i eth1 -s 0 -A 'tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x47455420'

As scasey has already pointed out, you're missing the certificates in the https virtual hosts. That means you either haven't restarted the server after making the changes or you apache server isn't working at all after you've tried to restart it, but you just didn't bother to check.