Domain blocked due to many attempts

Help
1

My domain is:

www.hogarnet.com.ar

It produced this output:

2019-10-29 19:17:57,965:DEBUG:requests.packages.urllib3.connectionpool:387: “POST /acme/new-authz HTTP/1.1” 429 189
2019-10-29 19:17:57,967:DEBUG:acme.client:641: Received response:
HTTP 429
Content-Length: 189
Cache-Control: public, max-age=0, no-cache
Server: nginx
Connection: keep-alive
Boulder-Requester: 22567845
Date: Tue, 29 Oct 2019 19:17:57 GMT
Content-Type: application/problem+json
Replay-Nonce: 0001QVOOtXoyaxOOlmdib6GSk74V2wNywJykW-at6PTinhM

{
“type”: “urn:acme:error:rateLimited”,
“detail”: “Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/”,
“status”: 429
}
2019-10-29 19:17:57,967:DEBUG:acme.client:666: Storing nonce: 0001QVOOtXoyaxOOlmdib6GSk74V2wNywJykW-at6PTinhM
ACME server returned an error: urn:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/

My web server is (include version): nginx/1.14.0

The operating system my web server runs on is (include version): Ubuntu 16.04.6 LTS

My hosting provider, if applicable, is: Linode

I can login to a root shell on my machine (yes or no, or I don’t know): yes

We have noticed that (in one of our domains) there’s a bad configuration, a crash with a cpanel from another administrator that tried to generate the certificated and produced a blocking to the domain.

We have not more tries, so we need help to unblock this for try again. The bad configuration on cpanel was removed but we can’t generate the certificate from our side.

We need help, it is so much important due a coming commercial event.

Thanks.

1 Like
2

Hi @infraestructurawe

please read the link in the error message.

Your configuration is buggy - https://check-your-website.server-daten.de/?q=hogarnet.com.ar

You have ipv4 and ipv6

Host T IP-Address is auth. ∑ Queries ∑ Timeout
hogarnet.com.ar A 104.237.131.132 Dallas/Texas/United States (US) - Linode, LLC Hostname: epicuro2.web-experto.com.ar yes 2 0
AAAA 2607:f748:1200:11d:174:142:221:52 Chicago/Illinois/United States (US) - iWeb Technologies Inc yes
www.hogarnet.com.ar C hogarnet.com.ar yes 1 0
A 104.237.131.132 Dallas/Texas/United States (US) - Linode, LLC Hostname: epicuro2.web-experto.com.ar yes
AAAA 2607:f748:1200:11d:174:142:221:52 Chicago/Illinois/United States (US) - iWeb Technologies Inc yes

but there are different answers checking your different ip addresses.

Sample:

http://hogarnet.com.ar/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 104.237.131.132, Status 301

http://hogarnet.com.ar/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2607:f748:1200:11d:174:142:221:52, Status 404
configuration problem - different ip addresses with different status

http + non-www + ipv4 -> http status 301
http + non-www + ipv6 -> http status 404

So first step: Cleanup your setup, so ipv4 and ipv6 have the same answer.

3 Likes
3

The "block" you are currently experiencing is because Certbot had 5 failed attempts to issue a certificate within one hour.

Whatever problems cPanel is having is separate - it has its own, independent, 5 failed attempts per hour. The domain itself is not blocked.

With Certbot, you can use --dry-run for a much higher limit to experiment with while testing and trying to fix your problem. So try fixing your IPv4/IPv6 issues as @JuergenAuer described , and do a Certbot dry-run to see whether it helped.

Then when 1 hour has elapsed since your "block" began, you can do it for real by removing --dry-run.

2 Likes
4

Hi Guys.
Thanks a lot for your help.
Your advices really helped me to solve this problem and I learned new things.
Thanks again.
Regards.

5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.