Redirect 301 nightmare!

Today i woke up to a complete nightmare.
Hestia 301 redirected 6 of my domains on production system.

Log below. (i replaced identifiable data with UserX and domainX)
It seems this happened during let’s encrypt renewal.
only first redirect domain1 to domain2 was wanted, but 6 additional domains from other users got redirected to domain2 also which of course was not wanted.

2022-02-06 05:43:03 v-delete-web-domain-redirect  'User1' 'domain1.tld'
2022-02-06 05:43:04 v-restart-service  'apache2' ''
2022-02-06 05:43:06 v-delete-firewall-ban  '193.56.29.119' 'MAIL'
2022-02-06 05:43:06 v-restart-service  'nginx' ''
2022-02-06 05:43:06 v-delete-web-domain-ssl-force  'User1' 'domain1.tld'
2022-02-06 05:43:07 v-restart-service  'bind9'
2022-02-06 05:43:07 v-delete-dns-record  'User1' 'domain1.tld' '23'
2022-02-06 05:43:07 v-restart-service  'bind9'
2022-02-06 05:43:07 v-add-dns-record  'User1' 'domain1.tld' '@' 'CAA' '0 issue "letsencrypt.org"'
2022-02-06 05:43:09 v-restart-service  'nginx' ''
2022-02-06 05:43:26 v-restart-service  'nginx' ''
2022-02-06 05:43:43 v-generate-ssl-cert  'domain1.tld' '[email protected]' 'US' 'California' 'San Francisco' 'Hestia' 'IT' 'www.domain1.tld'
2022-02-06 05:43:46 v-restart-service  'apache2' ''
2022-02-06 05:43:47 v-restart-service  'nginx' ''
2022-02-06 05:43:47 v-update-web-domain-ssl 
2022-02-06 05:43:47 v-add-letsencrypt-domain  'User1' 'domain1.tld' 'www.domain1.tld'
2022-02-06 05:43:47 v-restart-service  'apache2' ''
2022-02-06 05:43:48 v-restart-service  'nginx' ''
2022-02-06 05:43:48 v-add-web-domain-ssl-force  'User1' 'domain1.tld'
2022-02-06 05:43:48 v-add-web-domain-redirect  'User1' 'domain1.tld' 'https://domain2.tld' '301'
2022-02-06 05:44:01 v-restart-service  'nginx' ''
2022-02-06 05:44:18 v-restart-service  'nginx' ''
2022-02-06 05:44:35 v-delete-firewall-ban  '5.34.207.67' 'MAIL'
2022-02-06 05:44:35 v-generate-ssl-cert  'mail.domain1.tld' '[email protected]' 'US' 'California' 'San Francisco' 'Hestia' 'IT' 'webmail.domain1.tld'
2022-02-06 05:44:38 v-restart-service  'apache2' ''
2022-02-06 05:44:38 v-restart-service  'nginx' ''
2022-02-06 05:44:38 v-update-mail-domain-ssl 
2022-02-06 05:44:38 v-add-letsencrypt-domain  'User1' 'domain1.tld' '' 'yes'
2022-02-06 05:44:40 v-delete-firewall-ban  '5.34.205.98' 'MAIL'
2022-02-06 05:44:48 v-delete-firewall-ban  '5.34.207.46' 'MAIL'
2022-02-06 05:44:51 v-delete-web-domain-redirect  'User2' 'domain3.tld'
2022-02-06 05:44:51 v-restart-service  'apache2' ''
2022-02-06 05:44:52 v-restart-service  'nginx' ''
2022-02-06 05:44:52 v-delete-web-domain-ssl-force  'User2' 'domain3.tld'
2022-02-06 05:44:53 v-restart-service  'bind9'
2022-02-06 05:44:53 v-delete-dns-record  'User2' 'domain3.tld' '31'
2022-02-06 05:44:53 v-restart-service  'bind9'
2022-02-06 05:44:53 v-add-dns-record  'User2' 'domain3.tld' '@' 'CAA' '0 issue "letsencrypt.org"'
2022-02-06 05:44:55 v-restart-service  'nginx' ''
2022-02-06 05:44:59 v-add-firewall-chain  'MAIL'
2022-02-06 05:44:59 v-add-firewall-ban  '5.34.207.67' 'MAIL'
2022-02-06 05:45:12 v-generate-ssl-cert  'domain3.tld' '[email protected]' 'US' 'California' 'San Francisco' 'Hestia' 'IT' ''
2022-02-06 05:45:15 v-restart-service  'apache2' ''
2022-02-06 05:45:15 v-restart-service  'nginx' ''
2022-02-06 05:45:15 v-update-web-domain-ssl 
2022-02-06 05:45:15 v-add-letsencrypt-domain  'User2' 'domain3.tld' ''
2022-02-06 05:45:16 v-restart-service  'apache2' ''
2022-02-06 05:45:16 v-restart-service  'nginx' ''
2022-02-06 05:45:16 v-add-web-domain-ssl-force  'User2' 'domain3.tld'
2022-02-06 05:45:16 v-add-web-domain-redirect  'User2' 'domain3.tld' 'https://domain2.tld' '301'
2022-02-06 05:45:27 v-delete-web-domain-redirect  'User2' 'domain4.tld'
2022-02-06 05:45:27 v-restart-service  'apache2' ''
2022-02-06 05:45:28 v-restart-service  'nginx' ''
2022-02-06 05:45:28 v-delete-web-domain-ssl-force  'User2' 'domain4.tld'
2022-02-06 05:45:30 v-restart-service  'nginx' ''
2022-02-06 05:45:34 v-delete-firewall-ban  '5.34.205.74' 'MAIL'
2022-02-06 05:45:47 v-restart-service  'nginx' ''
2022-02-06 05:45:50 v-add-firewall-chain  'MAIL'
2022-02-06 05:45:50 v-add-firewall-ban  '5.34.207.46' 'MAIL'
2022-02-06 05:46:03 v-generate-ssl-cert  'domain4.tld' '[email protected]' 'US' 'California' 'San Francisco' 'Hestia' 'IT' 'www.domain4.tld'
2022-02-06 05:46:06 v-restart-service  'apache2' ''
2022-02-06 05:46:07 v-restart-service  'nginx' ''
2022-02-06 05:46:07 v-update-web-domain-ssl 
2022-02-06 05:46:07 v-add-letsencrypt-domain  'User2' 'domain4.tld' 'www.domain4.tld'
2022-02-06 05:46:07 v-restart-service  'apache2' ''
2022-02-06 05:46:08 v-restart-service  'nginx' ''
2022-02-06 05:46:08 v-add-web-domain-ssl-force  'User2' 'domain4.tld'
2022-02-06 05:46:08 v-add-web-domain-redirect  'User2' 'domain4.tld' 'https://domain2.tld' '301'
2022-02-06 05:46:19 v-delete-web-domain-redirect  'User3' 'domain5.tld'
2022-02-06 05:46:19 v-restart-service  'apache2' ''
2022-02-06 05:46:20 v-restart-service  'nginx' ''
2022-02-06 05:46:20 v-delete-web-domain-ssl-force  'User3' 'domain5.tld'
2022-02-06 05:46:21 v-restart-service  'bind9'
2022-02-06 05:46:21 v-delete-dns-record  'User3' 'domain5.tld' '41'
2022-02-06 05:46:21 v-restart-service  'bind9'
2022-02-06 05:46:21 v-add-dns-record  'User3' 'domain5.tld' '@' 'CAA' '0 issue "letsencrypt.org"'
2022-02-06 05:46:23 v-restart-service  'nginx' ''
2022-02-06 05:46:34 v-delete-firewall-ban  '194.99.45.5' 'MAIL'
2022-02-06 05:46:40 v-restart-service  'nginx' ''
2022-02-06 05:46:41 v-delete-firewall-ban  '92.255.85.135' 'SSH'
2022-02-06 05:46:42 v-delete-firewall-ban  '5.34.207.107' 'MAIL'
2022-02-06 05:46:45 v-add-firewall-chain  'MAIL'
2022-02-06 05:46:45 v-add-firewall-ban  '5.34.205.74' 'MAIL'
2022-02-06 05:46:51 v-add-firewall-chain  'MAIL'
2022-02-06 05:46:51 v-add-firewall-ban  '5.34.205.98' 'MAIL'
2022-02-06 05:46:57 v-generate-ssl-cert  'domain5.tld' '[email protected]' 'US' 'California' 'San Francisco' 'Hestia' 'IT' 'www.domain5.tld'
2022-02-06 05:46:59 v-restart-service  'apache2' ''
2022-02-06 05:47:00 v-restart-service  'nginx' ''
2022-02-06 05:47:00 v-update-web-domain-ssl 
2022-02-06 05:47:00 v-add-letsencrypt-domain  'User3' 'domain5.tld' 'www.domain5.tld'
2022-02-06 05:47:00 v-restart-service  'apache2' ''
2022-02-06 05:47:01 v-restart-service  'nginx' ''
2022-02-06 05:47:01 v-add-web-domain-ssl-force  'User3' 'domain5.tld'
2022-02-06 05:47:01 v-add-web-domain-redirect  'User3' 'domain5.tld' 'https://domain2.tld' '301'
2022-02-06 05:47:04 v-add-firewall-chain  'MAIL'
2022-02-06 05:47:04 v-add-firewall-ban  '5.34.207.107' 'MAIL'
2022-02-06 05:47:15 v-delete-web-domain-redirect  'User4' 'domain6.tld'
2022-02-06 05:47:16 v-restart-service  'apache2' ''
2022-02-06 05:47:16 v-restart-service  'nginx' ''
2022-02-06 05:47:16 v-delete-web-domain-ssl-force  'User4' 'domain6.tld'
2022-02-06 05:47:17 v-restart-service  'bind9'
2022-02-06 05:47:17 v-delete-dns-record  'User4' 'domain6.tld' '23'
2022-02-06 05:47:18 v-restart-service  'bind9'
2022-02-06 05:47:17 v-add-dns-record  'User4' 'domain6.tld' '@' 'CAA' '0 issue "letsencrypt.org"'
2022-02-06 05:47:20 v-restart-service  'nginx' ''
2022-02-06 05:47:24 v-delete-firewall-ban  '5.34.205.95' 'MAIL'
2022-02-06 05:47:37 v-restart-service  'nginx' ''
2022-02-06 05:47:53 v-generate-ssl-cert  'domain6.tld' '[email protected]' 'US' 'California' 'San Francisco' 'Hestia' 'IT' 'www.domain6.tld'
2022-02-06 05:47:55 v-restart-service  'apache2' ''
2022-02-06 05:47:56 v-restart-service  'nginx' ''
2022-02-06 05:47:56 v-update-web-domain-ssl 
2022-02-06 05:47:56 v-add-letsencrypt-domain  'User4' 'domain6.tld' 'www.domain6.tld'
2022-02-06 05:47:57 v-restart-service  'apache2' ''
2022-02-06 05:47:57 v-restart-service  'nginx' ''
2022-02-06 05:47:57 v-add-web-domain-ssl-force  'User4' 'domain6.tld'
2022-02-06 05:47:57 v-add-web-domain-redirect  'User4' 'domain6.tld' 'https://domain2.tld' '301'
2022-02-06 05:48:10 v-restart-service  'nginx' ''
2022-02-06 05:48:26 v-restart-service  'nginx' ''
2022-02-06 05:48:43 v-generate-ssl-cert  'mail.domain6.tld' '[email protected]' 'US' 'California' 'San Francisco' 'Hestia' 'IT' 'webmail.domain6.tld'
2022-02-06 05:48:45 v-restart-service  'apache2' ''
2022-02-06 05:48:46 v-restart-service  'nginx' ''
2022-02-06 05:48:46 v-update-mail-domain-ssl 
2022-02-06 05:48:46 v-add-letsencrypt-domain  'User4' 'domain6.tld' '' 'yes'
2022-02-06 05:48:46 v-add-firewall-chain  'MAIL'
2022-02-06 05:48:46 v-add-firewall-ban  '5.34.205.95' 'MAIL'
2022-02-06 05:48:58 v-delete-web-domain-redirect  'user6' 'domain7.tld'
2022-02-06 05:48:59 v-restart-service  'apache2' ''
2022-02-06 05:48:59 v-restart-service  'nginx' ''
2022-02-06 05:48:59 v-delete-web-domain-ssl-force  'user6' 'domain7.tld'
2022-02-06 05:49:00 v-restart-service  'bind9'
2022-02-06 05:49:00 v-delete-dns-record  'user6' 'domain7.tld' '26'
2022-02-06 05:49:00 v-restart-service  'bind9'
2022-02-06 05:49:00 v-add-dns-record  'user6' 'domain7.tld' '@' 'CAA' '0 issue "letsencrypt.org"'
2022-02-06 05:49:02 v-restart-service  'nginx' ''
2022-02-06 05:49:19 v-restart-service  'nginx' ''
2022-02-06 05:49:36 v-generate-ssl-cert  'domain7.tld' '[email protected]' 'US' 'California' 'San Francisco' 'Hestia' 'IT' 'www.domain7.tld'
2022-02-06 05:49:39 v-restart-service  'apache2' ''
2022-02-06 05:49:39 v-restart-service  'nginx' ''
2022-02-06 05:49:39 v-update-web-domain-ssl 
2022-02-06 05:49:39 v-add-letsencrypt-domain  'user6' 'domain7.tld' 'www.domain7.tld'
2022-02-06 05:49:40 v-restart-service  'apache2' ''
2022-02-06 05:49:40 v-restart-service  'nginx' ''
2022-02-06 05:49:40 v-add-web-domain-ssl-force  'user6' 'domain7.tld'
2022-02-06 05:49:40 v-add-web-domain-redirect  'user6' 'domain7.tld' 'https://domain2.tld' '301'

You can imagine the nightmare i was having this morning with 4 angry customers. What the hell happened???

I can send the original logs if needed.

N.

I have found the issue

Can you post a hotfix?

1 Like

Will not work you need to unset REDIRECT

I’ve changed v-update-letsencrypt-ssl line 120 to:

            if [[ -n "$domain_redirect" ]] ; then
                $BIN/v-add-web-domain-redirect $user $domain $domain_redirect $domain_redirect_code
                unset domain_redirect
            fi

This I hope will be included in the next HestiaCP update.

I look at this as educational experience. I now know how to clear cached 301 redirections on all major browsers. :crazy_face:

Will not work …
unset REDIRECT

Will…

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.