403 Forbidden error on all sites after unsuccessful attempt with adding LetsEncrypt certificate

3 posts / 0 new
Last post
#1 Sun, 02/03/2019 - 13:53
shillongserver

403 Forbidden error on all sites after unsuccessful attempt with adding LetsEncrypt certificate

Following the directions given here, I tried to install a LetsEncrypt certificate on my Ubuntu 14.04 VPS with SSH (root) like this:

apt-get install certbot python-certbot-apache

I then initiated the automatic certificate installation by running:

certbot --apache

And on the final stages of the installation, I had to choose which sites I want to add the certificates on and I chose 3 site servers that I have within this VPS. After doing that and getting the successful message on the console, I tried opening my sites but all of them return a 403 error instead (even the one's I didn't add a certificate for).

I tried removing the certificates to fix this by deleting the certificates using certbot remove then manually removing the -le-ssl.conffiles generated by certbot and finally changing the folder/file permissions inside every WordPress site public_html to 755 for folders, 644 for files and 640 for the wp-config file using the Virtualmin file manager but the problem is still there.

My apache server logs:

127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)" 127.0.0.1 - - [27/Jan/2019:06:25:27 -0500] "OPTIONS * HTTP/1.0" 200 116 "-" "Apache/2.4.7 (Ubuntu) SVN/1.8.8 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.26 OpenSSL/1.0.1f (internal dummy connection)"

Can you kindly guide me on what to do next to remove the certbot changes and bring the WordPress sites back online?

One of the sites on the server which I tried to add a certificate to.

One of the sites on the server which I didn't add a certificate to.

Mon, 02/04/2019 - 04:11
Jfro

Why did you used certbot, Virtualmin itself has a LE script not using certbot!

So don't know if they can support and do support the certbot option.

You should also ask in certbot forum i think.

You also didn't post versions!  read therefore Forum guidelines ;)

If you have done a websearch / reading wiki and docs virtualmin Letsencrypt before the certbot ....

Mon, 02/04/2019 - 04:54
Jfro

I going to post here, sorry.

I don't know anything about certbot things, only that it is not the default for virtualmin. Can't help therefore.

But read the guidelines about versions, maybe with these used versions someone else could help you, or in the certbot support forum

You say My server is using Ubuntu 14.04.2 with Webmin 1.900 & Virtualmin 6.04.

virtualmin / webmin are not latest or for ubuntu...?

Also don't know if version updates solving some of your problems, don't use ubuntu myself!

For newer versions ubuntu https://www.virtualmin.com/comment/807998#comment-807998