I installed Wordpress 4.8 with Apache 2.4 and MariaDB 10.2 on a FreeBSD 11 server (a vultr vps). All is working without issues, but there are no jails.
Now for extra security, I've set up 2 jails with ezjails. One for the Apache and the other for MariaDB. Some would suggest to put PHP in a jail too, but I need to get this current issue sorted first.
For some reason the browser is showing "Error establishing a database connection" and I can't figure out why.
I think, and hope, it's something really trivial that I've missed. Hopefully someone can cast his/her eye over the below.
Thank you in advance.
This is the /etc/pf.conf:
This is /etc/rc.conf (on the host):
Contents of webserver jail settings (
/usr/local/etc/ezjail/webserver on host)
Contents of mariadbserver jail settings (
/usr/local/etc/ezjail/mariadbserver on host):
Contents of httpd.conf (
/usr/jails/webserver/usr/local/etc/apache24/httpd.conf)
This is my Wordpress config file
/usr/jails/webserver/usr/local/www/apache24/data/domain1/wp-config.php):
Thank you in advance for any enlightening suggestions.
uname -a
Code:
FreeBSD domain1.com 11.0-RELEASE-p9 FreeBSD 11.0-RELEASE-p9
Now for extra security, I've set up 2 jails with ezjails. One for the Apache and the other for MariaDB. Some would suggest to put PHP in a jail too, but I need to get this current issue sorted first.
jls
Code:
JID IP Address Hostname Path
1 192.168.0.2 webserver /usr/jails/webserver
2 192.168.0.3 mariadbserver /usr/jails/mariadbserver
For some reason the browser is showing "Error establishing a database connection" and I can't figure out why.
I think, and hope, it's something really trivial that I've missed. Hopefully someone can cast his/her eye over the below.
Thank you in advance.
ifconfig
Code:
vtnet0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=6c07bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWTSO,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
ether 56:00:00:79:42:50
inet 45.76.37.55 netmask 0xfffffe00 broadcast 45.76.37.255
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
media: Ethernet 10Gbase-T <full-duplex>
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
inet 127.0.0.1 netmask 0xff000000
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
groups: lo
lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet 192.168.0.1 netmask 0xfffffff8
inet 192.168.0.2 netmask 0xffffffff
inet 192.168.0.3 netmask 0xffffffff
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
groups: lo
pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33160
groups: pflog
This is the /etc/pf.conf:
Code:
me="vtnet0"
IP_PUB="45.76.xx.xx"
IP_JAIL="192.168.0.2" #webserver jail
NET_JAIL="192.168.0.0/24"
PORT_WWW="{ 80,443 }"
PORT_JAIL="{ 80,443,22 }"
[removed]
set loginterface vtnet0
scrub in all
scrub on vtnet0 reassemble tcp no-df random-id
# Redirect TCP traffic to jail
nat on $me inet proto { tcp, udp, icmp } from $IP_PUB to $NET_JAIL -> $IP_JAIL
rdr pass on $me proto tcp from any to $IP_PUB port $PORT_WWW -> $IP_JAIL
# Allow outgoing connection from jails
nat on $me from lo1:network to any -> ($me)
# ---- First rule obligatory "Pass all on loopback"
pass quick on lo0 all
pass quick on lo1 all
[Removed]
This is /etc/rc.conf (on the host):
Code:
Hostname="vultr.local"
sshd_enable="YES"
static_routes="linklocal"
ifconfig_vtnet0="DHCP"
cloned_interfaces="lo1"
ipv4_addrs_lo1="192.168.0.1-9/29"
ezjail_enable="YES"
ifconfig_lo1="inet 192.168.0.1 netmask 255.255.255.0"
pf_enable="YES"
pf_rules="/etc/pf.conf"
[removed]
Contents of webserver jail settings (
/usr/local/etc/ezjail/webserver on host)
Code:
export jail_webserver_hostname="webserver"
export jail_webserver_ip="192.168.0.2"
export jail_webserver_rootdir="/usr/jails/webserver"
[Removed]
Contents of mariadbserver jail settings (
/usr/local/etc/ezjail/mariadbserver on host):
Code:
export jail_mariadbserver_hostname="mariadbserver"
export jail_mariadbserver_ip="192.168.0.3"
export jail_mariadbserver_rootdir="/usr/jails/mariadbserver"
[Removed]
Contents of httpd.conf (
/usr/jails/webserver/usr/local/etc/apache24/httpd.conf)
Code:
ServerRoot "/usr/local"
Listen 80
[Many modules listed here, but removed here to shorten message]
LoadModule authn_file_module libexec/apache24/mod_authn_file.so
IncludeOptional etc/apache24/modules.d/[0-9][0-9][0-9]_*.conf
<IfModule unixd_module>
User www
Group www
</IfModule>
ServerName localhost
<Directory />
AllowOverride all
Require all denied
</Directory>
DocumentRoot "/usr/local/www/apache24/data"
<Directory "/usr/local/www/apache24/data">
Options Indexes FollowSymLinks
AllowOverride None
</Directory>
<IfModule dir_module>
DirectoryIndex index.html index.htm index.php
</IfModule>
<Files ".ht*">
Require all denied
</Files>
[Removed code to shorten message]
<VirtualHost *:80>
ServerName www.domain1.com
DocumentRoot /usr/local/www/apache24/data/domain1/
</VirtualHost>
This is my Wordpress config file
/usr/jails/webserver/usr/local/www/apache24/data/domain1/wp-config.php):
Code:
/** The name of the database for WordPress */
define('DB_NAME', 'wp_domain1');
/** MySQL database username */
define('DB_USER', 'wp_domain1_user');
/** MySQL database password */
define('DB_PASSWORD', 'MyHiddenPassword');
/** MySQL hostname */
define('DB_HOST', 'localhost');
Thank you in advance for any enlightening suggestions.
Last edited: