solved - Unable to access websites/vps

Issues related to configuring your network
kropotkine
Posts: 5
Joined: 2016/07/03 08:29:04

solved - Unable to access websites/vps

Post by kropotkine » 2016/07/03 08:51:51

Hello all,

Firstly, after a reboot of my vps (I run CentOS 7 with Webmin/Virtualmin) by my provider, I can't access to my websites and resolve my ip address in my browser.

But, SSH, FTP, Ping are ok, I can access websites, download, ping my websites.
I checked the resolv.conf and it's the good ip address inside.
I also checked error logs but I wasn't able to find any clue to fix this problem.
http port is opened and active.
All the named, httpd, mysqld, mariadb, are active.

I don't know where to search, because even DNS are well configured and I don't see any error.

Thanks by advance for your replies
Last edited by kropotkine on 2016/07/21 14:47:48, edited 1 time in total.

aks
Posts: 2829
Joined: 2014/09/20 11:22:14

Re: Unable to access websites/vps

Post by aks » 2016/07/15 23:38:31

So an application like the browser doesn't work but other apps like ssh do?
Problem is probably in the browser.

kropotkine
Posts: 5
Joined: 2016/07/03 08:29:04

Re: Unable to access websites/vps

Post by kropotkine » 2016/07/20 20:25:48

Hi,
Thanks for your answer.

I checked and yes ssh works but I think it's a bug on DNS because it's not with browser : I tried different browsers and it's the same message.

I tried to check bind but I can't see any error in logs... and I don't see any big between webmin and centos concerning dns.

I'm stuck with this bug and I don't know where to search.
Thanks by advance

mghe
Posts: 748
Joined: 2015/11/24 12:04:43
Location: Katowice, Poland

Re: Unable to access websites/vps

Post by mghe » 2016/07/20 21:04:48

check your dns by use dig command:

for example:

on server locally:
dig +short your.com @127.0.0.1

and from other host:

dig your.com @IP/name_of_server

kropotkine
Posts: 5
Joined: 2016/07/03 08:29:04

Re: Unable to access websites/vps

Post by kropotkine » 2016/07/21 08:32:31

Hi mghe,
Thanks for your fast answer

I tried these two commands to check dns configuration and everything seems good. Output shows me the good server ip address from localhost or from other host.
So dns are ok, but websites are still unavailable since vps has been rebooted by host.

mghe
Posts: 748
Joined: 2015/11/24 12:04:43
Location: Katowice, Poland

Re: Unable to access websites/vps

Post by mghe » 2016/07/21 09:12:17

Have you turn on selinux ? If yes, turn it off temporary

# setenforce 0

User avatar
TrevorH
Forum Moderator
Posts: 26568
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Unable to access websites/vps

Post by TrevorH » 2016/07/21 09:19:39

Disabling selinux at random just to see if it fixes issues that probably have nothing to do with it seems a bit odd
CentOS 5 died in March 2017 - migrate NOW!
CentOS 6 goes EOL sooner rather than later, get upgrading!
Full time Geek, part time moderator. Use the FAQ Luke

giulix63
Posts: 1305
Joined: 2014/05/14 10:06:37
Location: GMT

Re: Unable to access websites/vps

Post by giulix63 » 2016/07/21 09:24:26

Please show

.from the system where your website(s) are hosted:

1. Network interface(s) configuration

Code: Select all

ip addr
2. Web server service(s) hosted

Code: Select all

systemctl -l status httpd/nginx/etc.
customize as per actual web server
3. Default gateway and routes configuration

Code: Select all

ip route show
4. Firewall configuration

Code: Select all

iptables -L -n
5. Output of

Code: Select all

dig http://www.google.com @8.8.8.8
dig http://www.google.com
6. Output of

Code: Select all

netstat -lt
.from the machine you are connecting from:

1, 3, 4, 5, plus the exact error you get when you try to connect to your web site and if you're using any proxies.

Run all commands as root. Show exact commands and their outputs. Anonymize as needed. It would help to know your domain name, your DNS records and who you registered it with.
Root is evil: Do not use root (sudo) to run any of the commands specified in my posts unless explicitly indicated. Please, provide the necessary amount of context to understand your problem/question.

kropotkine
Posts: 5
Joined: 2016/07/03 08:29:04

Re: Unable to access websites/vps

Post by kropotkine » 2016/07/21 12:46:37

Hi mghe and TrevorH,

selinux was disabled, I tried to enable/disable/reboot, but nothing happens !

ip addr

Code: Select all

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:68:50:cf brd ff:ff:ff:ff:ff:ff
    inet 91.134.142.155/32 brd 91.134.142.155 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe68:50cf/64 scope link 
       valid_lft forever preferred_lft forever

systemctl -l status httpd

Code: Select all

● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since jeu. 2016-07-21 14:21:50 CEST; 20min ago
     Docs: man:httpd(8)
           man:apachectl(8)
 Main PID: 1215 (httpd)
   Status: "Total requests: 0; Current requests/sec: 0; Current traffic:   0 B/sec"

ip route show

Code: Select all

default via 91.134.136.1 dev eth0 
91.134.136.1 dev eth0  scope link 

iptables -L -n

Code: Select all

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
f2b-sshd   tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 22
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
INPUT_direct  all  --  0.0.0.0/0            0.0.0.0/0           
INPUT_ZONES_SOURCE  all  --  0.0.0.0/0            0.0.0.0/0           
INPUT_ZONES  all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
FORWARD_direct  all  --  0.0.0.0/0            0.0.0.0/0           
FORWARD_IN_ZONES_SOURCE  all  --  0.0.0.0/0            0.0.0.0/0           
FORWARD_IN_ZONES  all  --  0.0.0.0/0            0.0.0.0/0           
FORWARD_OUT_ZONES_SOURCE  all  --  0.0.0.0/0            0.0.0.0/0           
FORWARD_OUT_ZONES  all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
OUTPUT_direct  all  --  0.0.0.0/0            0.0.0.0/0           

Chain FORWARD_IN_ZONES (1 references)
target     prot opt source               destination         
FWDI_public  all  --  0.0.0.0/0            0.0.0.0/0           [goto] 
FWDI_public  all  --  0.0.0.0/0            0.0.0.0/0           [goto] 

Chain FORWARD_IN_ZONES_SOURCE (1 references)
target     prot opt source               destination         

Chain FORWARD_OUT_ZONES (1 references)
target     prot opt source               destination         
FWDO_public  all  --  0.0.0.0/0            0.0.0.0/0           [goto] 
FWDO_public  all  --  0.0.0.0/0            0.0.0.0/0           [goto] 

Chain FORWARD_OUT_ZONES_SOURCE (1 references)
target     prot opt source               destination         

Chain FORWARD_direct (1 references)
target     prot opt source               destination         

Chain FWDI_public (2 references)
target     prot opt source               destination         
FWDI_public_log  all  --  0.0.0.0/0            0.0.0.0/0           
FWDI_public_deny  all  --  0.0.0.0/0            0.0.0.0/0           
FWDI_public_allow  all  --  0.0.0.0/0            0.0.0.0/0           

Chain FWDI_public_allow (1 references)
target     prot opt source               destination         

Chain FWDI_public_deny (1 references)
target     prot opt source               destination         

Chain FWDI_public_log (1 references)
target     prot opt source               destination         

Chain FWDO_public (2 references)
target     prot opt source               destination         
FWDO_public_log  all  --  0.0.0.0/0            0.0.0.0/0           
FWDO_public_deny  all  --  0.0.0.0/0            0.0.0.0/0           
FWDO_public_allow  all  --  0.0.0.0/0            0.0.0.0/0           

Chain FWDO_public_allow (1 references)
target     prot opt source               destination         

Chain FWDO_public_deny (1 references)
target     prot opt source               destination         

Chain FWDO_public_log (1 references)
target     prot opt source               destination         

Chain INPUT_ZONES (1 references)
target     prot opt source               destination         
IN_public  all  --  0.0.0.0/0            0.0.0.0/0           [goto] 
IN_public  all  --  0.0.0.0/0            0.0.0.0/0           [goto] 

Chain INPUT_ZONES_SOURCE (1 references)
target     prot opt source               destination         

Chain INPUT_direct (1 references)
target     prot opt source               destination         

Chain IN_public (2 references)
target     prot opt source               destination         
IN_public_log  all  --  0.0.0.0/0            0.0.0.0/0           
IN_public_deny  all  --  0.0.0.0/0            0.0.0.0/0           
IN_public_allow  all  --  0.0.0.0/0            0.0.0.0/0           

Chain IN_public_allow (1 references)
target     prot opt source               destination         
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22 ctstate NEW

Chain IN_public_deny (1 references)
target     prot opt source               destination         

Chain IN_public_log (1 references)
target     prot opt source               destination         

Chain OUTPUT_direct (1 references)
target     prot opt source               destination         

Chain f2b-sshd (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0  

dig http://www.google.com @8.8.8.8

Code: Select all

; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 <<>> http://www.google.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10625
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;http://www.google.com.		IN	A

;; AUTHORITY SECTION:
google.com.		16	IN	SOA	ns4.google.com. dns-admin.google.com. 128035993 900 900 1800 60

;; Query time: 12 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: jeu. juil. 21 14:28:51 CEST 2016
;; MSG SIZE  rcvd: 100

dig http://www.google.com

Code: Select all

; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 <<>> http://www.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33397
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;http://www.google.com.		IN	A

;; AUTHORITY SECTION:
google.com.		60	IN	SOA	ns4.google.com. dns-admin.google.com. 128035993 900 900 1800 60

;; Query time: 51 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: jeu. juil. 21 14:29:26 CEST 2016
;; MSG SIZE  rcvd: 100

dig quizzmoi.com

Code: Select all

; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 <<>> quizzmoi.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6966
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;quizzmoi.com.			IN	A

;; ANSWER SECTION:
quizzmoi.com.		38400	IN	A	91.134.142.155

;; AUTHORITY SECTION:
quizzmoi.com.		38400	IN	NS	vps285538.ovh.net.

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: jeu. juil. 21 14:44:34 CEST 2016
;; MSG SIZE  rcvd: 88



netstat -lt

Code: Select all

Proto Recv-Q Send-Q Adresse locale          Adresse distante        Etat       
tcp        0      0 0.0.0.0:mysql           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:submission      0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:pop3            0.0.0.0:*               LISTEN     
tcp        0      0 localhost:783           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:imap            0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:ndmp            0.0.0.0:*               LISTEN     
tcp        0      0 vps285538.ovh.ne:domain 0.0.0.0:*               LISTEN     
tcp        0      0 localhost:domain        0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN     
tcp        0      0 localhost:irisa         0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:smtp            0.0.0.0:*               LISTEN     
tcp        0      0 localhost:rndc          0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:dnp             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:imaps           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:pop3s           0.0.0.0:*               LISTEN     
tcp6       0      0 [::]:submission         [::]:*                  LISTEN     
tcp6       0      0 [::]:pop3               [::]:*                  LISTEN     
tcp6       0      0 localhost:783           [::]:*                  LISTEN     
tcp6       0      0 [::]:imap               [::]:*                  LISTEN     
tcp6       0      0 [::]:http               [::]:*                  LISTEN     
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN     
tcp6       0      0 [::]:smtp               [::]:*                  LISTEN     
tcp6       0      0 [::]:https              [::]:*                  LISTEN     
tcp6       0      0 [::]:imaps              [::]:*                  LISTEN     
tcp6       0      0 [::]:pop3s              [::]:*                  LISTEN   


Error seen when I try to connect to website with any browser : "ERR_CONNECTION_REFUSED", I don't access with any proxy.
Dns are configured to point to cloudflare and everything was ok before the reboot by the host.
The domain name is -quizzmoi.com

I hope I gave you all the informations

Thanks by advance

User avatar
TrevorH
Forum Moderator
Posts: 26568
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Unable to access websites/vps

Post by TrevorH » 2016/07/21 12:54:08

Ddi you open your firewall to allow the connections? e.g firewall-cmd --add-service=http ? May also need to repeat that for https and then do both yet again with --permanent to make the change persistent over a reboot.
CentOS 5 died in March 2017 - migrate NOW!
CentOS 6 goes EOL sooner rather than later, get upgrading!
Full time Geek, part time moderator. Use the FAQ Luke

Post Reply

Return to “CentOS 7 - Networking Support”