Error 500 on all sites. Please help

We’ve recently upgraded from VestaCP to HestiaCP restoring the backups from VestaCP

Now all my sites have error 500 unless you define index.html at the end of the url. Then the page opens fine. I believe its a disconnect between apache2 and nginx.

How do I fix this? What information can I provide to help? I really need assistance and stuck in a bad place. I have 100 email account users across 18 websites offline this morning.

Thanks!

Upgrading from VestaCP to HesitaCP is not supported unless you have done a clean OS install and then install HestiaCP over the clean OS.

This might be an issue why is not working

Also check error logs /var/log/apache2/domains/ what kind of errors do your have?

Clean install on new server. Ubuntu 20.04.1 → default hestiacp installation
Old VestaCP server was running ubuntu 18.04 - Still running just on different IP now.

I’ve removed sensitive information represented within { }

nano /var/log/apache2/domains/{clientdomain.org.error.log}

each domain name has the following lines repeated hundreds of times…

2021/10/31 23:11:46 [error] 50040#50040: *188 connect() failed (111: Connection refused) while connecting to upstream, client: {my external IP at office}, server: {Client Domain Name}, request: “GET / HTTP/1.1”, upstream: “https://{hestiacp ip of new server}:8443/”, host: “{Client Domain Name}”

229941#229941: *418 SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking, client: {client/customer IP}, server: {hestiacp ip of new server}:443

I have on this server:

[email protected]:/home/admin# netstat -ntulp | grep apache
tcp 0 0 127.0.0.1:8081 0.0.0.0:* LISTEN 807537/apache2

This I believe is where my issue is. shouldn’t it be listening on port 8080 and 8443?

On another server I manage I see:
[email protected]:/home/admin/conf/web/uaccb.edu# netstat -ntupl | grep apache
tcp 0 0 208.90.107.151:8080 0.0.0.0:* LISTEN 1099874/apache2
tcp 0 0 127.0.0.1:8081 0.0.0.0:* LISTEN 1099874/apache2
tcp 0 0 208.90.107.151:8443 0.0.0.0:* LISTEN 1099874/apache2

Yes it should listen to 8080 …

Any idea on how to resolve this? see my last comment edit above

Check /usr/local/hestia/conf/hestia.conf WEB_PORT should be 8080

Yes, correct.

ANTISPAM_SYSTEM=‘spamassassin’
ANTIVIRUS_SYSTEM=‘clamav-daemon’
API_ALLOWED_IP=’’
API=‘yes’
BACKEND_PORT=‘8083’
BACKUP_GZIP=‘4’
BACKUP_MODE=‘zstd’
BACKUP_SYSTEM=‘local’
CRON_SYSTEM=‘cron’
DB_PMA_ALIAS=‘phpmyadmin’
DB_SYSTEM=‘mysql’
DEBUG_MODE=‘false’
DISK_QUOTA=‘yes’
DNS_SYSTEM=‘bind9’
ENFORCE_SUBDOMAIN_OWNERSHIP=‘yes’
FILE_MANAGER=‘true’
FIREWALL_EXTENSION=‘fail2ban’
FIREWALL_SYSTEM=‘iptables’
FTP_SYSTEM=‘vsftpd’
IMAP_SYSTEM=‘dovecot’
INACTIVE_SESSION_TIMEOUT=‘60’
LANGUAGE=‘en’
LOGIN_STYLE=‘default’
MAIL_SYSTEM=‘exim4’
PHPMYADMIN_KEY=’’
PLUGIN_APP_INSTALLER=‘true’
POLICY_CSRF_STRICTNESS=‘1’
POLICY_SYSTEM_ENABLE_BACON=‘false’
POLICY_SYSTEM_HIDE_ADMIN=‘no’
POLICY_SYSTEM_HIDE_SERVICES=‘no’
POLICY_SYSTEM_PASSWORD_RESET=‘yes’
POLICY_SYSTEM_PROTECTED_ADMIN=‘no’
POLICY_SYSTEM_PROTECTED_ADMIN=‘no’
POLICY_USER_CHANGE_THEME=‘no’
POLICY_USER_DELETE_LOGS=‘yes’
POLICY_USER_EDIT_DETAILS=‘yes’
POLICY_USER_EDIT_DNS_TEMPLATES=‘yes’
POLICY_USER_EDIT_WEB_TEMPLATES=‘yes’
POLICY_USER_VIEW_LOGS=‘yes’
POLICY_USER_VIEW_SUSPENDED=’’
PROXY_PORT=‘80’
PROXY_SSL_PORT=‘443’
PROXY_SYSTEM=‘nginx’
RELEASE_BRANCH=‘release’
SERVER_SMTP_ADDR=’’
SERVER_SMTP_HOST=’’
SERVER_SMTP_PASSWD=’’
SERVER_SMTP_PORT=’’
SERVER_SMTP_SECURITY=’’
SERVER_SMTP_USER=’’
STATS_SYSTEM=‘awstats’
THEME=‘dark’
UPDATE_HOSTNAME_SSL=‘yes’
UPGRADE_SEND_EMAIL_LOG=‘false’
UPGRADE_SEND_EMAIL=‘true’
USE_SERVER_SMTP=‘false’
VERSION=‘1.4.17’
WEB_BACKEND=‘php-fpm’
WEBMAIL_ALIAS=‘webmail’
WEBMAIL_SYSTEM=‘roundcube’
WEB_PORT=‘8080’
WEB_RGROUPS=‘www-data’
WEB_SSL=‘mod_ssl’
WEB_SSL_PORT=‘8443’
WEB_SYSTEM=‘apache2’

Settings all look fine. I’m lost. I’ve compared all that I can think of with the multiple hestiacp and vestacp servers I manage. Is there someplace else I could look to find where to set LISTEN ports for apache?

Check the config file in /etc/apache2/conf.d/your-ip.conf (or similar).

/etc/apache2/conf.d/domains/{domainname.conf}

Vitrual Host show:

<VirtualHost {Server IP}:8081>

I’ve removed my IP and replaced with {Server IP} – Should this port be 8080?

#=======================================================================#

Default Web Domain Template

DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS

#=======================================================================#

<VirtualHost {ServerIP}:8081>

ServerName {DomainName}
ServerAlias www.{DomainName}
ServerAdmin [email protected]{DomainName}
DocumentRoot /home/{username}/web/{DomainName}/public_html
ScriptAlias /cgi-bin/ /home/{username}/web/{DomainName}/cgi-bin/
Alias /vstats/ /home/{username}/web/{DomainName}/stats/
Alias /error/ /home/{username}/web/{DomainName}/document_errors/
#SuexecUserGroup {username} {username}
CustomLog /var/log/apache2/domains/{DomainName}.bytes bytes
CustomLog /var/log/apache2/domains/{DomainName}.log combined
ErrorLog /var/log/apache2/domains/{DomainName}.error.log
    
IncludeOptional /home/{username}/conf/web/{DomainName}/apache2.forcessl.conf*

<Directory /home/{username}/web/{DomainName}/stats>
    AllowOverride All
</Directory>
<Directory /home/{username}/web/{DomainName}/public_html>
    AllowOverride All
    Options +Includes -Indexes +ExecCGI
</Directory>

<FilesMatch \.php$>
    SetHandler "proxy:unix:/run/php/php7.4-fpm-{DomainName}.sock|fcgi://localhost"
</FilesMatch>
SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0

IncludeOptional /home/{username}/conf/web/{DomainName}/apache2.conf_*

<VirtualHost {ServerIP}:8081>

Should be 8080 what template are you using?

I’m using the default template. For example a website name hosted on this server is https://stepabove.it/ which produces error 500

If you browse to Coming Soon with index.html at the end, then landing page loads.

Our default template does not contain the port number

I’ve just now manually updated port from 8081 to 8080 inside all of the /etc/apache2/conf.d/domains/{domainname.conf} files.

Restarted Apache2, Nginx, and Hestia without success fixing any issues.

It will cause issues after templates are rebuild see Message:

Default Web Domain Template #

DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS

You need to find the cause of issue and fix it…

I agree. I really appreciate you. I know the issue is in regards to apache not listening to the correct ports

I’ve ran netstat -ntupl | grep apache on all of the Hestia CP servers I have access to and they all produce 3x lines as details below show. Issue is this I believe, I just do not know how to resolve.

[email protected]:/home/admin/conf/web/{DomainName}# netstat -ntupl | grep apache

tcp 0 0 {ServerWANip}:8080 0.0.0.0:* LISTEN 1065231/apache2
tcp 0 0 127.0.0.1:8081 0.0.0.0:* LISTEN 1099874/apache2
tcp 0 0 {ServerWANip}:8443 0.0.0.0:* LISTEN 1065231/apache2

This server I’m having issues with only shows single port on localhost, no server WAN IP’s (Lacking port 8080 and 8443)

[email protected]:/etc/php/7.4/fpm/pool.d# netstat -ntulp | grep apache
tcp 0 0 127.0.0.1:8081 0.0.0.0:* LISTEN 966204/apache2

how do I find where apache is broken?

virtual host are all correct with port 8080 and SSL port 8443 however apache2 is missing this entirely and only listening to 127.0.0.1:8081 but I do not see where port 8081 is defined in system.

Where can I explicilicy tell apache2 to listen on these ports 8080 and 8443?

Thanks in advance!