This site can’t be reached, Apache Webserver is not running

Virtualmin
1
SYSTEM INFORMATION
OS type and version CentOS Linux 8.5.2111
Webmin version 1.984
Virtualmin version 6.17
Related packages SUGGESTED

Hello,

All my websites are down “This site can’t be reached”

ss1
ss1704×429 15 KB

I noticed that Apache Webserver is not running, and when I click start it doesn’t want to run

ss2
ss21297×257 32.5 KB

Also, as you can notice, the version of webmin and virtualmin is outdated and that’s because I didn’t receive any “Package updates” notification for more than 10 months !

Please I need your help, all my websites are down for more than a week :(, I tried a lot to fix the issue but I can’t find any clear solution or answer!

Thank you!

2

We need the output of the Apache error log to see why it won’t start.

image
image1453×674 161 KB

1 Like
3

Thanks for your answer,

This is the output

[Sun Mar 17 15:26:50.680275 2024] [suexec:notice] [pid 971:tid 140245147683136] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
AH00016: Configuration Failed
[Mon Mar 18 12:10:49.639684 2024] [suexec:notice] [pid 907:tid 140484725803328] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
AH00016: Configuration Failed
[Tue Mar 19 02:15:34.371948 2024] [suexec:notice] [pid 987:tid 139863776864576] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
AH00016: Configuration Failed
[Tue Mar 19 05:05:59.819884 2024] [suexec:notice] [pid 984:tid 140279311661376] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
AH00016: Configuration Failed
[Tue Mar 19 06:08:45.542503 2024] [suexec:notice] [pid 891:tid 139621021817152] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
AH00016: Configuration Failed
[Tue Mar 19 13:39:15.166485 2024] [suexec:notice] [pid 67999:tid 140472081021248] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
AH00016: Configuration Failed
[Tue Mar 19 13:57:02.441651 2024] [suexec:notice] [pid 74001:tid 140404439783744] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
AH00016: Configuration Failed
4

I haven’t admin’d an RPM package system for over a decade now. I don’t have that file ( /usr/sbin/suexec) on my Debian 11. Just some ‘alternative’. So, other than asking for logs, my work here is done. :frowning:

I’m sure someone more knowledgeable will pop by. Hopefully soon.

/etc/alternatives/suexec
/etc/alternatives/suexec.8.gz
/etc/apache2/mods-available/suexec.load
/etc/apache2/mods-enabled/suexec.load
/etc/apache2/suexec
/etc/apache2/suexec/www-data
/usr/lib/apache2/modules/mod_suexec.so
/usr/lib/apache2/suexec
/usr/lib/apache2/suexec-custom
/usr/share/doc/apache2-suexec-custom
5

Also, what was “a lot”?

6

Thanks for your answer,
Hopefully someone will help me to fix that issue ASAP.

7

I mean I made a research to find a solution, unfortunately i can’t find any !

Sorry for the criticize, but some people give a very long answer (on this forum) like an article without giving any solution ! That’s the problem with Virtualmin, you will suffer a lot to find a solution to an issue, not like cPanel for example, when you face an issue, you search on google and you get hundreds of results to fix it, even on YouTube you find solutions to fix the problem !

Now the “Apache Webserver” is not running and doesn’t want to run, should be easy to fix, but look at the pain i’m facing, more than 5 days and still can’t find any answer !

8

Did you restore backups from an older system? The default configuration on CentOS 8 has never included suexec, so I’m not sure how you have configuration for suexec?

9

Thank you Joe for your answer,

I didn’t restore anything !

Maybe this is happening because I didn’t update virtualmin for more than 6 months (for some reasons i’m not receiving any “Package updates” notification)

ss3
ss31271×524 53.9 KB

10

Virtualmin isn’t the web server, so lack of updates in Virtualmin probably has nothing to do with it, but you should fix that. It’s been discussed a few times (OS upgrades will disable the Virtualmin repositories, along with all other third-party repos…an OS upgrade would also explain the problem you’re seeing with Apache, since Virtualmin configured suexec on CentOS 7 until the Virtualmin 7 installer).

There’s documentation for repository problems: Troubleshooting Update Repositories – Virtualmin

If you have follow-up questions about that, please open a new topic rather than in this thread.

I continue to think you have old configuration (possibly from an upgraded OS, without doing the necessary steps after a major OS upgrade).

Use System Settings->Re-check Configuration so Virtualmin can learn about the new state of your system.

Then change execution mode of all of your websites to something other than suexec, because CentOS 8 does not have a custom Apache build that can provide functional suexec. For PHP apps, PHP-FPM is the recommended execution mode. If Apache continues to fail to start, check the config file for mentions of suexec, and show us what you find.

Also CentOS 8 is long EOL. You should convert your system to Rocky or Alma Linux, which are maintained RHEL forks, similar to what CentOS used to be. You cannot safely use CentOS 8. (CentOS 7 is still maintained, but only for a little while longer). We do not support CentOS Stream, and probably can’t reasonably support a stream OS with the number of people we have working on the problem.

Sorry this was a long answer, but, you have several problems.

11

Thank you very much Joe for your detailed answer !

The execution mode is already on FPM for all sites !

ss5
ss5836×344 31 KB

Where can I find the config file for mentions of suexec ?!

Can I please send you in a private message the login details to my virtualmin dashboard and you check …

12

Definitely not! I’m not your sysadmin.

https://forum.virtualmin.com/guidelines

13

Ok sorry, I didn’t know about that …

Where can I check the config file for mentions of suexec ?

14

The Apache configuration files are in the usual location for your OS. On CentOS, that’d be /etc/httpd/httpd.conf, probably (though you may have configured things differently and VirtualHosts might be in their own files).

15

Thank you very much Joe, I found the file, not risky to share it here on public ? It does contain a lot of info (my ip, my websites, and more …)

Is there a way to share it with you safely please

16

We don’t need/want to see the whole file. Only the stuff around mentions of suexec.

17

Here is a sample, (i replaced my ip with xxxx)

suexec doesn’t exist, I only find SuexecUserGroup

# Supplemental configuration
#
# Load config files in the "/etc/httpd/conf.d" directory, if any.
IncludeOptional conf.d/*.conf
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ServerTokens Prod
ServerSignature Off
TraceEnable Off
<VirtualHost xx.xxx.xxx.xx:80>
    SuexecUserGroup "#1000" "#1000"
    ServerName vmiXXXXXX.contaboserver.net
    ServerAlias www.vmiXXXXXX.contaboserver.net
    ServerAlias mail.vmiXXXXXX.contaboserver.net
    ServerAlias webmail.vmiXXXXXX.contaboserver.net
    ServerAlias admin.vmiXXXXXX.contaboserver.net
    DocumentRoot /home/vmiXXXXXX/public_html
    ErrorLog /var/log/virtualmin/vmiXXXXXX.contaboserver.net_error_log
    CustomLog /var/log/virtualmin/vmiXXXXXX.contaboserver.net_access_log combined
    ScriptAlias /cgi-bin/ /home/vmiXXXXXX/cgi-bin/
    DirectoryIndex index.php index.php4 index.php5 index.htm index.html
    <Directory /home/vmiXXXXXX/public_html>
    Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch 
    allow from all
    AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
    Require all granted
    </Directory>
    <Directory /home/vmiXXXXXX/cgi-bin>
    allow from all
    AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
    Require all granted
    </Directory>
    RewriteEngine on
    RewriteCond %{HTTP_HOST} =webmail.vmiXXXXXX.contaboserver.net
    RewriteRule ^(?!/.well-known)(.*) https://vmiXXXXXX.contaboserver.net:20000/ [R]
    RewriteCond %{HTTP_HOST} =admin.vmiXXXXXX.contaboserver.net
    RewriteRule ^(?!/.well-known)(.*) https://vmiXXXXXX.contaboserver.net:10000/ [R]
    RemoveHandler .php
    RemoveHandler .php7.2
<FilesMatch \.php$>
    SetHandler proxy:fcgi://localhost:8000
</FilesMatch>
</VirtualHost>
<VirtualHost xx.xxx.xxx.xx:443>
    SuexecUserGroup "#1000" "#1000"
    ServerName vmiXXXXXX.contaboserver.net
    ServerAlias www.vmiXXXXXX.contaboserver.net
    ServerAlias mail.vmiXXXXXX.contaboserver.net
    ServerAlias webmail.vmiXXXXXX.contaboserver.net
    ServerAlias admin.vmiXXXXXX.contaboserver.net
    DocumentRoot /home/vmiXXXXXX/public_html
    ErrorLog /var/log/virtualmin/vmiXXXXXX.contaboserver.net_error_log
    CustomLog /var/log/virtualmin/vmiXXXXXX.contaboserver.net_access_log combined
    ScriptAlias /cgi-bin/ /home/vmiXXXXXX/cgi-bin/
    DirectoryIndex index.php index.php4 index.php5 index.htm index.html
    <Directory /home/vmiXXXXXX/public_html>
    Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch 
    allow from all
    AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
    Require all granted
    </Directory>
    <Directory /home/vmiXXXXXX/cgi-bin>
    allow from all
    AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
    Require all granted
    </Directory>
    RewriteEngine on
    RewriteCond %{HTTP_HOST} =webmail.vmiXXXXXX.contaboserver.net
    RewriteRule ^(?!/.well-known)(.*) https://vmiXXXXXX.contaboserver.net:20000/ [R]
    RewriteCond %{HTTP_HOST} =admin.vmiXXXXXX.contaboserver.net
    RewriteRule ^(?!/.well-known)(.*) https://vmiXXXXXX.contaboserver.net:10000/ [R]
    RemoveHandler .php
    RemoveHandler .php7.2
<FilesMatch \.php$>
    SetHandler proxy:fcgi://localhost:8000
</FilesMatch>
SSLEngine on
SSLCertificateFile /home/vmiXXXXXX/ssl.cert
SSLCertificateKeyFile /home/vmiXXXXXX/ssl.key
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
</VirtualHost>
<VirtualHost xx.xxx.xxx.xx:80>
    SuexecUserGroup "#1018" "#1012"
    ServerName mywebsite.com
    ServerAlias www.mywebsite.com
    ServerAlias mail.mywebsite.com
    ServerAlias webmail.mywebsite.com
    ServerAlias admin.mywebsite.com
    DocumentRoot /home/mywebsite/public_html
    ErrorLog /var/log/virtualmin/mywebsite.com_error_log
    CustomLog /var/log/virtualmin/mywebsite.com_access_log combined
    ScriptAlias /cgi-bin/ /home/mywebsite/cgi-bin/
    ScriptAlias /awstats/ /home/mywebsite/cgi-bin/
    DirectoryIndex index.php index.php4 index.php5 index.htm index.html
    <Directory /home/mywebsite/public_html>
    Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch 
    allow from all
    AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
    Require all granted
    </Directory>
    <Directory /home/mywebsite/cgi-bin>
    allow from all
    AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
    Require all granted
    </Directory>
    RewriteEngine on
    RewriteCond %{HTTP_HOST} =webmail.mywebsite.com
    RewriteRule ^(?!/.well-known)(.*) https://mywebsite.com:20000/ [R]
    RewriteCond %{HTTP_HOST} =admin.mywebsite.com
    RewriteRule ^(?!/.well-known)(.*) https://mywebsite.com:10000/ [R]
    RemoveHandler .php
    RemoveHandler .php7.2
    RemoveHandler .php7.3
    RemoveHandler .php7.4
    RemoveHandler .php8.0
<FilesMatch \.php$>
    SetHandler proxy:fcgi://localhost:8001
</FilesMatch>
<Files awstats.pl>
AuthName "mywebsite.com statistics"
AuthType Basic
AuthUserFile /home/mywebsite/.awstats-htpasswd
require valid-user
</Files>
</VirtualHost>
<VirtualHost xx.xxx.xxx.xx:443>
    SuexecUserGroup "#1018" "#1012"
    ServerName mywebsite.com
    ServerAlias www.mywebsite.com
    ServerAlias mail.mywebsite.com
    ServerAlias webmail.mywebsite.com
    ServerAlias admin.mywebsite.com
    DocumentRoot /home/mywebsite/public_html
    ErrorLog /var/log/virtualmin/mywebsite.com_error_log
    CustomLog /var/log/virtualmin/mywebsite.com_access_log combined
    ScriptAlias /cgi-bin/ /home/mywebsite/cgi-bin/
    ScriptAlias /awstats/ /home/mywebsite/cgi-bin/
    DirectoryIndex index.php index.php4 index.php5 index.htm index.html
    <Directory /home/mywebsite/public_html>
    Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch 
    allow from all
    AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
    Require all granted
    </Directory>
    <Directory /home/mywebsite/cgi-bin>
    allow from all
    AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
    Require all granted
    </Directory>
    RewriteEngine on
    RewriteCond %{HTTP_HOST} =webmail.mywebsite.com
    RewriteRule ^(?!/.well-known)(.*) https://mywebsite.com:20000/ [R]
    RewriteCond %{HTTP_HOST} =admin.mywebsite.com
    RewriteRule ^(?!/.well-known)(.*) https://mywebsite.com:10000/ [R]
    RemoveHandler .php
    RemoveHandler .php7.2
    RemoveHandler .php7.3
    RemoveHandler .php7.4
    RemoveHandler .php8.0
<FilesMatch \.php$>
    SetHandler proxy:fcgi://localhost:8001
</FilesMatch>
SSLEngine on
SSLCertificateFile /home/mywebsite/ssl.cert
SSLCertificateKeyFile /home/mywebsite/ssl.key
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
<Files awstats.pl>
AuthName "mywebsite.com statistics"
AuthType Basic
AuthUserFile /home/mywebsite/.awstats-htpasswd
require valid-user
</Files>
SSLCACertificateFile /home/mywebsite/ssl.ca
</VirtualHost>
18

Hmm…those should be fine.

OK, you need to find more info about why it’s failing to start. Do systemctl restart httpd and watch the error_log and the journal (do journalctl -fu httpd in another terminal before you restart).

19

Thanks Joe, I appreciate your efforts …

That’s the result of journalctl -fu httpd

[root@vmiXXXXXX ~]# journalctl -fu httpd

-- Logs begin at Tue 2024-03-19 17:03:58 CET. --

Mar 19 17:04:01 vmiXXXXXX.contaboserver.net systemd[1]: Starting The Apache HTTP Server...

Mar 19 17:04:02 vmiXXXXXX.contaboserver.net systemd[1]: httpd.service: Main process exited, code=exited, status=1/FAILURE

Mar 19 17:04:02 vmiXXXXXX.contaboserver.net systemd[1]: httpd.service: Failed with result 'exit-code'.

Mar 19 17:04:02 vmiXXXXXX.contaboserver.net systemd[1]: Failed to start The Apache HTTP Server.

Mar 19 18:05:37 vmiXXXXXX.contaboserver.net systemd[1]: Starting The Apache HTTP Server...

Mar 19 18:05:37 vmiXXXXXX.contaboserver.net systemd[1]: httpd.service: Main process exited, code=exited, status=1/FAILURE

Mar 19 18:05:37 vmiXXXXXX.contaboserver.net systemd[1]: httpd.service: Failed with result 'exit-code'.

Mar 19 18:05:37 vmiXXXXXX.contaboserver.net systemd[1]: Failed to start The Apache HTTP Server.

And that’s the result of systemctl restart httpd

[root@vmiXXXXXX ~]# systemctl restart httpd
Job for httpd.service failed because the control process exited with error code.
See "systemctl status httpd.service" and "journalctl -xe" for details.
20

systemctl status httpd.service

[root@vmiXXXXX ~]# systemctl status httpd.service
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor prese>
  Drop-In: /usr/lib/systemd/system/httpd.service.d
           └─php-fpm.conf, php73-php-fpm.conf, php74-php-fpm.conf, php80-php-fp>
   Active: failed (Result: exit-code) since Tue 2024-03-19 19:10:53 CET; 4min 5>
     Docs: man:httpd.service(8)
  Process: 17346 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, >
 Main PID: 17346 (code=exited, status=1/FAILURE)
   Status: "Reading configuration..."

Mar 19 19:10:52 vmiXXXXX.contaboserver.net systemd[1]: Starting The Apache HTT>
Mar 19 19:10:53 vmiXXXXX.contaboserver.net systemd[1]: httpd.service: Main pro>
Mar 19 19:10:53 vmiXXXXX.contaboserver.net systemd[1]: httpd.service: Failed w>
Mar 19 19:10:53 vmiXXXXX.contaboserver.net systemd[1]: Failed to start The Apa>

journalctl -xe

[root@vmiXXXXX ~]# journalctl -xe
Mar 19 19:17:27 vmiXXXXX.contaboserver.net postfix/smtpd[17461]: lost connecti>
Mar 19 19:17:27 vmiXXXXX.contaboserver.net postfix/smtpd[17461]: disconnect fr>
Mar 19 19:17:27 vmiXXXXX.contaboserver.net postfix/smtpd[17230]: connect from >
Mar 19 19:17:29 vmiXXXXX.contaboserver.net postfix/smtpd[17230]: discarding EH>
Mar 19 19:17:32 vmiXXXXX.contaboserver.net postfix/smtpd[17461]: connect from >
Mar 19 19:17:32 vmiXXXXX.contaboserver.net postfix/smtpd[17461]: discarding EH>
Mar 19 19:17:33 vmiXXXXX.contaboserver.net saslauthd[763]: pam_unix(smtp:auth)>
Mar 19 19:17:33 vmiXXXXX.contaboserver.net saslauthd[763]: pam_unix(smtp:auth)>
Mar 19 19:17:34 vmiXXXXX.contaboserver.net saslauthd[762]: pam_unix(smtp:auth)>
Mar 19 19:17:34 vmiXXXXX.contaboserver.net saslauthd[762]: pam_unix(smtp:auth)>
Mar 19 19:17:36 vmiXXXXX.contaboserver.net saslauthd[763]: DEBUG: auth_pam: pa>
Mar 19 19:17:36 vmiXXXXX.contaboserver.net saslauthd[763]:                 : a>
Mar 19 19:17:36 vmiXXXXX.contaboserver.net postfix/smtpd[17230]: warning: unkn>
Mar 19 19:17:37 vmiXXXXX.contaboserver.net saslauthd[762]: DEBUG: auth_pam: pa>
Mar 19 19:17:37 vmiXXXXX.contaboserver.net saslauthd[762]:                 : a>
Mar 19 19:17:37 vmiXXXXX.contaboserver.net postfix/smtpd[17461]: warning: unkn>
Mar 19 19:17:38 vmiXXXXX.contaboserver.net postfix/smtpd[17461]: lost connecti>
Mar 19 19:17:38 vmiXXXXX.contaboserver.net postfix/smtpd[17461]: disconnect fr>
Mar 19 19:17:38 vmiXXXXX.contaboserver.net postfix/smtpd[17230]: lost connecti>
Mar 19 19:17:38 vmiXXXXX.contaboserver.net postfix/smtpd[17230]: disconnect fr>
Mar 19 19:17:46 vmiXXXXX.contaboserver.net sshd[18388]: Invalid user train10 f>
Mar 19 19:17:46 vmiXXXXX.contaboserver.net sshd[18388]: pam_unix(sshd:auth): c>
Mar 19 19:17:46 vmiXXXXX.contaboserver.net sshd[18388]: pam_unix(sshd:auth): a>