I am here to describe a certain issue I faced recently. Me and My friends are having a pet project called Wibrant(earlier named winbook). Which is a social media website, hosted here. It has a Django-react stack both repos can be found here, and is hosted on an EC2 instance of free tier, on AWS, which is associated to an elastic IP.
The backend is running on a docker container, on the server itself, however, we decided to host the frontend on vercel, which was initally hosted here.
But I decided to proxy it using nginx. Nginx conf for both react and django can be found here
This configuration was working perfectly, until one night I was suddenly getting a 502 error on https://winbook.d3m0n1k.engineer/. Upon inspecting the nginx logs, I found an error like
no live upstreams while connecting to upstream
which I was unable to understand. So, I tried to curl the site, using my localhost and the server. I was able to curl it using my local system, but was not able to do the same with the ec2 server. I got the error:
curl: (35) error:0A000126:SSL routines::unexpected eof while reading
Upon researching I found this error to occur due to openssl version mismatch, so i tried to update it, but couldn't. So decided to spin up a new ec2 instance. I was able to curl the site from there. Thinking that fixed the issue, I migrated the whole set up to that instance and reassociated my elastic ip to that instance. I tried to test it, Only to find that it stopped working. Confused, I ran the curl command again, and it was failing too. On using a python script with requests module to get the site, I got this error from my latest setup.
Caused by SSLError(SSLZeroReturnError(6, 'TLS/SSL connection has been closed
However, now the previous setup started to work perfectly fine.
So, I could curl the Vercel deployment when I didn't had the elastic IP associated to my instance, but couldn't if I did.
So, I figured it was some issue with the elastic IP. I suspected Vercel had blacklisted my IP maybe. So I reset the whole dns config of my domain, created and associated a new elastic IP with the instance, and it worked perfectly.
So, my question is..
Has anyone faced such an issue before? If yes, what was the fix in your case.
Is it really possible that Vercel has the IP in a blacklist of sorts?
This issue is probably non reproducible, but if someone find this thread, dealing with the same problem, I hope that the post and/or the comments/answers lead you to your solution. Cheers.
Related
We have 3 servers: a gateway machine, and 2 other hosts (old and new).
Originally, the gateway machine was serving a django app hosted on OLD via proxypass. We are shutting down OLD and have moved the app over to NEW.
On NEW, the app works fine when accessing the host directly (http://IP.FOR.NEW/site)
However, when trying to access via the gateway (so that users don't have to update links/learn an IP/etc), accessing via http://gateway/site gives an LDAP error.
HOWEVER, it's not LDAP that's the issue. The OLD server used LDAP, while the NEW server is simply using the django user system. As a result, all LDAP references were removed, and it works when accessing it directly.
It looks like when accessing via gateway, it is serving the old code but trying to point it at the NEW server. If I stop apache on the NEW server, access via the gateway fails with 'service unavailable'.
As far as I can tell, caching is not enabled on either server.
edit: I tried changing the user facing url (gateway/foo to gateway/bar) which is redirected via proxypass to NEW/site. No change. Still appears to be serving old code on the NEW server.
Any suggestions on where to start looking would be appreciated.
I have a new lightsail instance running wordpress, 20GB plan, running a wordpress app. When I go to the IP address in my browser, I get a 503 Service Temporarily Unavailable error. I tried restarting the stack, that didn't help. I tried rebooting, that didn't help. Other instances I've started up came up just fine without problems. There's no useful error message in apache logs. Not sure what the problem is, not sure where else to look.
Dammit, typo in the IP address. Checked that thing like 5x. There goes an hour.
I'am quite new to setting up and managing websites, domains and stuff.
I purchased a domain (let's say example.de) and registerd it on my vserver running Parallels Plesk. As I need secure access I requested and created a SSL-Certificate at startssl.com. The developed application (Spring-Boot) runs on an EC2-Instance at AWS. The Product-Website runs on an Apache-Webserver on an EC2 instance. I need to secure both, the App (app.example.de) and the Website (example.de) using SSL.
What I want to archive is a redirect from the domain https://example.de to the EC2 Instance. I already tried several things - some I remember from the try&error marathon
Configure Plesk frame-forwarding the traffic on https://example.de to the ec2-ip
Obviously the Browser warns me that the Certificate is issued for example.de and not for and classifies the traffic as unsecure. Same like when accessing it like https://...
I also uploaded the certificate at Plesk - Also without success
Is there a solution for my setup? Or do I need (or is it recommened) to use Amazon Route53 for that task? Would be nice if someone could guide me and provide some tipps as I am pretty new to this topics.
Thanks
It seems there is no way around AWS route 53.
I figured out that there is a Extension for Plesk that is designed to route traffic using route53 and even a nice manual article at the Plesk homepage how to use any external DNS and also Route53 Extension. As this Extension requires a newer version of Plesk, than that one I am using I wasn't able to install it. I am pretty much bound to this version, so an update didn't come into question. I cannot tell for sure if using this Extension solves my initial problem, but it seems to be a potential solution.
The most simplistic solution (at least for me):
I ended up moving my Domain the AWS, created a Hosted-Zone, Added a Record Set with the IP of the EC2 and the DNS Server provided due the hosted Zone. Everything is now working like a charm.
Some more Background: The Product-Website and App-Frontend are running inside an Apache where I installed mod_ssl and configured SSL access. The Application backend runs as a Spring-Boot-App in a Tomcat where I also configured SSL using a TomcatConnectorCustomizer.
This setup works for my scenario
I'm trying to setup an Apache server on an Ubuntu EC2 instance. I'm using 12.04 LTS, and I've tried with 14.04 LTS, but haven't reached a solution. I've scoured the internet looking for a solution but haven't found anything. My Apache settings are default and I've created a Security Group for HTTP. I also have an elastic IP associated with the instance.
When I load localhost using Lynx, I'm getting the Apache page. I cannot access it from my browser externally. The page keeps trying to connect and is waiting for it. When I nmap port 80 internally from the server, it says open. The weird thing is when I try to nmap the server from outside. It sometimes shows it's open and sometimes it shows it's down. I cannot determine the situation that causes this. It seems arbitrary to me at the moment. I've tried to launch different instances and I'm getting the same behavior. I've turned off ufw, and cleared iptables.
I am able to SSH and FTP to the server without any problems. I'm stumped, and very confused why something so simple can not work. Apache error logs are normal. I also tried with nginx and I'm getting the same problem.
Any help is appreciated!
I have a problem running ServiceStack as daemon on Linux.
I just started to work into creating a REST API with C# on Mono. I studied your Wiki about it and yesterday I tried to run ServiceStack as daemon on Linux (Ubuntu 13) exactly as described on the wiki page:
https://github.com/ServiceStack/ServiceStack/wiki/Run-ServiceStack-as-a-daemon-on-Linux
But I encountered a problem, tried every possible solution I found in the web, but nothing helped.. The problem:
If I access http://127.0.0.1:8080 on the Ubuntu System everything is fine and I am beeing redirected to http://127.0.0.1:8080/metadata and get the Service Metadata.
If I access http://127.0.0.1:80 I get the static content. Also fine.
BUT if I access http://127.0.0.1/api I'm being redirected to http://127.0.0.1/metadata and get a 404. Which is absolutely understandable because there is no such thing on Port 80.
You know I'm not that good in apache, but after reading the configuration mentioned in the wiki I thought this should work normally. Am I wrong? Or do you have any idea how I can solve this?
Another problem is that if i access the service on my ubuntu system from another system, e.g. Windows through http://ubuntu-dev:8080, I get Bad Request (invalid host).
I also get the 404 there if I accesshttp://ubuntu-dev/api.
I think the Bad Request Thing must have something to do with servicestack because apache only listens on port 80 (as it should I think). Do you have any suggestions about this?
It would be really nice if someone could help me because I really don't know what to do with these problems.
Greetings, daily
It might be a problem that only occurs when it runs on a different port than 80.
Probably it's not redirecting properly when a port is set.
Try running it on nginx with fastcgi (fastcgi-mono-server4), there you can run it on port 80.