Error 429 - Too many requests on my site

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: marvinskilla.tk

I ran this command: sudo certbot --nginx

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx

Which names would you like to activate HTTPS for?

1: marvinskilla.tk

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for marvinskilla.tk
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. marvinskilla.tk (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://marvinskilla.tk/.well-known/acme-challenge/emnkAe2IWLo3r_YRzjw3TN6vWS1gRrU1kkTExnD5yII [195.20.42.214]: "\r\n429 Too Many Requests\r\n\r\n

429 Too Many Requests

\r\n
"

IMPORTANT NOTES:

My web server is (include version): nginx/1.10.3

The operating system my web server runs on is (include version): Raspbian Stretch (Debian Stretch)

My hosting provider, if applicable, is: myself (Port 80 is already forwarded)

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.28.0

2

Hi @MarvinSkilla

your configuration is wrong. There is a check of your domain, there you see the problem - https://check-your-website.server-daten.de/?q=marvinskilla.tk

Your ip address

Host T IP-Address is auth. ∑ Queries ∑ Timeout
marvinskilla.tk A 195.20.42.214 Amsterdam/North Holland/Netherlands (NL) - OpenTLD Web Network No Hostname found yes 1 0
AAAA yes
www.marvinskilla.tk C marvinskilla.tk yes 1 0
A 195.20.42.214 Amsterdam/North Holland/Netherlands (NL) - OpenTLD Web Network No Hostname found yes

But checking that domain there is a frame:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd"> <html> <head> <title>marvinskilla.tk</title> <meta name="description" content="marvinskilla.tk"> <meta name="keywords" content="marvinskilla.tk"> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-23441223-3']); _gaq.push(['_setDomainName', 'none']); _gaq.push(['_setAllowLinker', true]); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> </head> <frameset rows="*"> <frame frameborder=0 src="http://91.227.236.223" name="dot_tk_frame_content" scrolling="auto" noresize> </frameset> </html>

With your real ip address 91.227.236.223.

So the wrong ip address is checked.

First step: Change your ip address - A record -> 91.227.236.223

Info: Html-Content with frame found, may be a problem creating a Letsencrypt certificate using http-01 validation

Then recheck your domain.

3

Thank you for your answer!

I’m using dot.tk (freenom) for my domain name and there’s the options

  1. Nameservers
  2. Register glue records and
  3. URL Forwarding

I’ve chosen option 3 there and entered my IP address with forward mode “Frame (cloaking)” so maybe this was the problem.

4

So I’ve changed my DNS entries to Cloudflare to make things easier. Now getting an SSL cert shouldn’t be a problem.

Thank you for you solution!

1 Like
5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.