search

cdgco / HestiaWebInterface

[Beta] PHP interface for HesitaCP, providing a beautiful UI, UX, features & integrations.
https://hwi.cdgtech.one
GNU General Public License v3.0
26 stars 9 forks source link

Failed To Connect To Server & Documentation Holes. #12

Closed Stage4000 closed 3 years ago

Stage4000 commented 3 years ago

Same system as yesterday only changes are as follows: PHP 7.4 Ubuntu 20.04 LTS - minimal Hestia standard install instead of vesta

I've tried doing both automatic and manual installs and they both show as unable to connect to the server "Failed to connect to server. Please check config.". The documentation mentions a server side config file but that config doesn't appear to exist in HWI, (it does exist in VWI), so I'm a bit lost there. Other things of note: the automatic installer doesn't ask me to input the panel address like it does with VWI. No PHP errors on install.

Automatic Install Output:

stage4000:/home/admin/web/panel.stage4000.com/public_html# bash <(curl -s https://cdgco.github.io/hst-full) Checking for required packages ... wget found tar found git found

Installing Hestia Web Interface frontend ... Installing Hestia Web Interface backend ...

Installation Complete! Please visit your website online to finish configuration.

Debug Output:

No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 20.04.2 LTS Release: 20.04 Codename: focal VERSION

5.6 7.0 7.1 7.2 7.3 7.4 8.0 max_execution_time 30 max_input_time 60 memory_limit 128M error_reporting E_ALL & ~E_DEPRECATED & ~E_STRICT display_errors Off post_max_size 8M upload_max_filesize 2M max_execution_time 30 max_input_time 60 memory_limit 128M error_reporting E_ALL & ~E_DEPRECATED & ~E_STRICT display_errors Off post_max_size 8M upload_max_filesize 2M max_execution_time 30 max_input_time 60 memory_limit 128M error_reporting E_ALL & ~E_DEPRECATED & ~E_STRICT display_errors Off post_max_size 8M upload_max_filesize 2M max_execution_time 30 max_input_time 60 memory_limit 128M error_reporting E_ALL & ~E_DEPRECATED & ~E_STRICT display_errors Off post_max_size 8M upload_max_filesize 2M max_execution_time 30 max_input_time 60 memory_limit 128M error_reporting E_ALL & ~E_DEPRECATED & ~E_STRICT display_errors Off post_max_size 8M upload_max_filesize 2M max_execution_time 30 max_input_time 60 memory_limit 128M error_reporting E_ALL & ~E_DEPRECATED & ~E_STRICT display_errors Off post_max_size 8M upload_max_filesize 2M max_execution_time 30 max_input_time 60 memory_limit 128M error_reporting E_ALL & ~E_DEPRECATED & ~E_STRICT display_errors Off post_max_size 8M upload_max_filesize 2M config_path /etc/php/7.0/fpm/php.ini /etc/php/8.0/fpm/php.ini /etc/php/7.2/fpm/php.ini /etc/php/7.4/fpm/php.ini /etc/php/7.1/fpm/php.ini /etc/php/5.6/fpm/php.ini /etc/php/7.3/fpm/php.ini Web Server: apache2:8080 (www-data) SSL Support: mod_ssl:8443 Web Backend: php-fpm Proxy Server: nginx:80 Proxy SSL: nginx:443 Statistics Engine: awstats FTP Server: vsftpd Mail Server: exim4 + dovecot + clamav-daemon + spamassassin Webmail alias: webmail Database: mysql phpMyAdmin Alias: phpmyadmin DNS Server: bind9 CRON daemon: cron Firewall: iptables+ fail2ban Backups: local Backup Directory: /backup Disk Quota enabled: no Version: 1.4.9 File Manager enabled: true API enabled: yes API allowed IP's: SMTP Server Account enabled: false Release Branch: release Debug Mode: false Theme: dark Restricted Admin Access: yes Hide System Administator: no Updates: Notify by email: true Updates: Email install log: true NAME STATE CPU MEM UPTIME

apache2 running 0 449 3 php5.6-fpm running 0 7 139 php7.0-fpm running 0 7 138 php7.1-fpm running 0 7 137 php7.2-fpm running 0 7 136 php7.3-fpm running 0 7 135 php7.4-fpm running 0 7 148 php8.0-fpm running 0 8 134 nginx running 0 14 148 bind9 running 0 167 141 exim4 running 0 6 148 dovecot running 0 0 148 clamav-daemon running 0.1 1178 148 spamassassin running 0 266 148 mariadb running 0 672 148 vsftpd running 0 0 148 cron running 0 0 143 ssh running 0 5 148 iptables running 0 0 0 fail2ban running 0.2 133 148

Thanks in advance for your amazing help. P.S. so far im super impressed with Hestia vs Vesta.

cdgco commented 3 years ago

The config file is includes/config.php which just contains your MySQL credentials. All other config variables are stored in MySQL. Are you running Hestia Web Interface on the same server that runs HestiaCP? If not, HestiaCP just introduced a security update that blocks API access to IPs not specified in the control panel, so you may try to manually specify your server IP and make sure that API access is set to enabled in https://YOUR-HESTIACP-SERVER:8083/edit/server/ under the Security -> System section.

After you have ensured that API access is enabled and that your server is either running on the same host or you have specified the IP address to a remote host, you should check the HestiaCP authorization logs to see if there is an authentication failure when connecting to the API. These logs are located in /usr/local/hestia/log/auth.log.

Try refreshing the Hestia Web Interface login page, then check the auth.log file to see if any new lines appear after the refresh. Let me know what you find.

Stage4000 commented 3 years ago

Its same server. auth log shows 2 successful admin logins, note that I dont believe either of these logins are from HWI.

Stage4000 commented 3 years ago

I added 127.0.0.1 and my servers public IP to the API whitelist just in case and its working.

cdgco commented 3 years ago

Their documentation says that 127.0.0.1 should be enabled by default, but I think since the request is being made over the internet it treats it like a remote server so it needs the public IP. I'm glad it's working now and I'll add that to the documentation.

Stage4000 commented 3 years ago

Yeah, I went and changed it and yeah its def the public IP needs whitelisting.

Stage4000 commented 3 years ago

Thank you again for your prompt and accurate support.

Stage4000 commented 3 years ago

ok Ive run into another roadblock, this one a little less major but still concerning. I cant get rid of the 'includes folder is not secure' but it and its contents are all set to 755.

-EDIT ignore this, the contents were 755 but the folder itself wasnt because i was changing permissions as admin when it was owned by root.

Stage4000 commented 3 years ago

Cloudflare API has a bug. Its sending me to the following address (https://stage4000.com:8083/hwi/cloudflare.php?domain=stage4000.com) when it should be sending me to (https://stage4000.com:8083/vwi/cloudflare.php?domain=stage4000.com), the cloudflare portion was never changed properly on the server side and the cloudflare.php file still exists in VWI and no HWI folder exists. Not sure if this is resolved in a future build.