Ispconfig3 php5-fpm Error 500 Internal server error

When trying to change a client website on a Ispconfig3 host from Fast-CGI to PHP-FPM the page just gave Error 500 Internal server error. Investigating the site error log showed lines like:

[Sat Oct 22 10:39:56 2016] [error] [client xx.xx.xx.xx] (2)No such file or directory: FastCGI: failed to connect to server "/var/www/clients/client6/web447/cgi-bin/php5-fcgi-*-80-domain.xx": connect() failed
[Sat Oct 22 10:39:56 2016] [error] [client xx.xx.xx.xx] FastCGI: incomplete headers (0 bytes) received from server "/var/www/clients/client6/web447/cgi-bin/php5-fcgi-*-80-domain.xx"

Checking the status of PHP-FPM by the command:

service php5-fpm status

gave the result “not running”.

Investigating the PHP-log file, /var/log/php5-fpm.log, displayed lines like:

[22-Oct-2016 10:34:53] ERROR: [pool web405] cannot get uid for user 'web405'
[22-Oct-2016 10:34:53] ERROR: FPM initialization failed

However, the site widh id 405 and user web405 did no longer exist on the server and has been left there by Ispconfig3 for unknown reasons.

The solution was to manually remove the file /etc/php5/fpm/pool.d/web405.conf file and then:

service php5-fpm restart
service apache2 restart

Magento 2.1 setup readiness check fails – PHP version is empty

If the Magento 2.1 setup readiness check fails with an error message displaying nothing for the PHP version, similar to this:

PHP Version Check
Your PHP version is . The required PHP version is . Hide detail

You might also see error messages about open basedir restrictions, similar to this:

Cannot determine required PHP extensions: Warning: is_dir(): open_basedir restriction in effect. File(/etc/pki/tls/certs) is not within the allowed path(s):

The reason can be that Magento is by default expecting SSL/TLS. If not used, the above can occur.

Solution:

Edit the composer.json file and add a line to the config section so it looks like this:

 "config": {
  "use-include-path": true,
  "disable-tls": true
 },

I.e. add the line “disable-tls”: true (and don’t forget to add a “,” last on the preceding line). Now restart the setup.

osTicket email attachments missing in ticket

Incoming email to osTicket, but attached files from the email message are missing in the ticket.

Make sure attachements are enabled for tickets in osTicket.

  1. Login as osTicket administrator
  2. If you are not on the administrative control panel, switch to it by clicking Administrative control panel (top right menu)
  3. Settings -> Tickets
  4. Scroll down to the attached files section and click on the Config button
  5. Make sure the Allow attached material is ticked and optionally select the file types to accept. Also check the allowed file size so it is sufficient.
  6. Click Save

osTicket ‘Access denied’ after upgrade to 1.9.14

After uploading/copying the files from the upload directory to a osTicket installation in order to upgrade it to osTicket 1.9.14, I got the error message ‘Access denied’ when trying to login as administrator to finalize the upgrade. Deleting the osTicket session cookie did not help either.

It turned out that the problem was that all files in the distribution ZIP-file had file permission ‘000’ causing the trouble. A ls -l looked like this:

---------- 1 webNNN clientX 5162 jun 11 18:22 login.php
---------- 1 webNNN clientX 980 jun 11 18:22 logo.php
---------- 1 webNNN clientX 714 jun 11 18:22 logout.php
---------- 1 webNNN clientX 1584 jun 11 18:22 main.inc.php
---------- 1 webNNN clientX 930 jun 11 18:22 offline.php
---------- 1 webNNN clientX 2830 jun 11 18:22 open.php

A simple fix was needed. Make sure you are in the upload folder of the unpacked distribution zip when you do this:

chmod 644 `find . -type f -print`

Find out what real code a php eval(gzinflate(base64_decode contains

When you are dealing with a hacked or otherwise compromised website where someone has installed a backdoor or other kinds of malicious code you will often find php files with code packed into non-readable format using php eval, like eval(gzinflate(base64_decode.

To find out what the code does, copy the entire eval code (including “eval(“) into this site: http://ddecode.com/phpdecoder/

You will in the end get a human readable version of the code. Usually nasty stuff.

Magento2 System Upgrade fails via Setup Wizard – Error in Update!

When trying to upgrade Magento from 2.0.2 to 2.0.4 I got a windows saying Update in progress and the last line from the system log says “./composer.json has been updated” then nothing more happens for quite a long time. Finally an error screen displays “Error in Update!”.

To restart the update process while trying to figure out the error i had to manually delete the files var/.maintenance.flag and var/.update_in_progress.flag.

Magento System Upgrade error

Magento System Upgrade error

To make Magento run in Apache we had set php.ini for the web user to memory_limit=1024M and according to instructions, the cron jobs should be called with the -c pointing to the php.ini used by the web server, in our case /etc/php5/fpm/php.ini.

No error message revealed why the update failed but I found out that the php.ini we used for cron (/etc/php5/fpm/php.ini) had a memory_limit=128M. By editing this file and increasing it to 1024M the update worked.

Magento and always_populate_raw_post_data readiness test fails

When running the Magento readiness test it failed with the message that always_populate_raw_post_data should be set to -1 since it is running under php 5.6. Even though I tried different methods of setting it to -1 and I could verify it by calling phpinfo(); Magento still complained.

The way I solved is a bit rough and it required that I had full system administrator access to the machine (which I had because it was a dedicated server). This is how I solved it:

echo "always_populate_raw_post_data=-1" > /etc/php5/mods-available/always_populate_raw_post_data.ini
php5enmod always_populate_raw_post_data
service php5-fpm restart
service apache2 restart

Magento “Cron readiness check failed” solved

First of all, check the Magento guide on this problem here.

In my case, at first I didn’t get any errors in the cron logs in <web-root>/var/log. When running the scripts by hand as the website user I got the not so informing “Cron readiness check failed” in the <web-root>/var/log/update.cron.log.

The reason the “Cron readiness failed” was actually due to some files in the file and directory structure in the web root that can not be written by the cron update script. In my case I used the AWstats package to create website statistics placed in a directory called /stats. This directory and it’s file was not writeable by the cron script, causing it to fail, even though the directory /stats and it’s files are not a part of Magento.

I discovered this by investigating the content of the file var/.update_cronjob_status. In this file you can find important information on why the cron update script is failing.

postgrey whitelisting outlook.com

Greylisting is a way of reducing the amount of incoming spam and virus emails, in addition to other counter measures. Postgrey is a good choice if you are running postfix.

However, to be able to recieve emails from senders using outlook.com you need to whitelist it. This is because outlook.com is using a different host on each try to deliver the mail, causing delays up to hours, days or the mail not being delivered at all within time limits.

Create/edit the file /etc/postgrey/whitelist_clients.local and add:

# outlook.com
/^.*\.outbound\.protection\.outlook\.com$/
/^.*\.prod\.outlook\.com$/

Then execute:

service postgrey reload

Edit December 2021: The rule is changed from /^mail-.*\.outbound\.protection\.outlook\.com$/ to /^.*\.outbound\.protection\.outlook\.com$/ as Microsoft has changed their server naming standard.