Firewall issue?, connection times out

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.hensberry.xyz

I ran this command: sudo certbot --apache -d hensberry.xyz -d www.hensberry.xyz

It produced this output: https://pastebin.com/FwibCqXKm, was too long to put here

My web server is (include version): Apache/2.4.43 (Unix)

The operating system my web server runs on is (include version): Arch Linux (Latest updates)

My hosting provider, if applicable, is: Self Hosted

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Not sure, I just use Namecheap's website to change DNS stuff.

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 1.5.0

Some more info.
ufw status : Status: active
22/tcp LIMIT Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
27020 ALLOW Anywhere
7777 ALLOW Anywhere
25565 ALLOW Anywhere
22/tcp (v6) LIMIT Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
27020 (v6) ALLOW Anywhere (v6)
7777 (v6) ALLOW Anywhere (v6)
25565 (v6) ALLOW Anywhere (v6)

Got ports 80 and 443 TCP configured in both my router and my firewall. Tried disabling the firewall but it didn't help.
I can access my website using my phone's 4G, and my home network.
https://check-your-website.server-daten.de/?q=hensberry.xyz gives connection times out.
I created the .well-known/acme-challenge folder in my /srv/http/ and made sure to give it permissions in my Apache config just in case.
That's all really, I can't think of why it doesn't work. I've tried changing the configs around a bunch.
Thank you for any help!

1 Like

Hi @hschen

Looks like https is blocked via a firewall, but http doesn't work. Different answers https / http.

Does http work internally?

curl http://hensberry.xyz/.well-known/acme-challenge/1234

from that machine?

Does your ISP allow port 80?

If "check-your-website" can't see your http site, Let's Encrypt can't either, so creating a certificate doesn't work.

1 Like

curl http://hensberry.xyz/.well-known/acme-challenge/1234, gives

The requested URL was not found on this server.
The link on the
<a href="<!--#echo encoding="url" var="HTTP_REFERER" -->">referring
page</a> seems to be wrong or outdated. Please inform the author of
<a href="<!--#echo encoding="url" var="HTTP_REFERER" -->">that page</a>
about the error.
If you entered the URL manually please check your
spelling and try again.

Everything works well internally. I had a self-certified https but I removed the config just in case it conflicted with certbot.
I assume the ISP isn’t blocking port 80 since it works with my 4G connection, which it's not being hosted on.

Is there supposed to be anything inside the .well-known/acme-challenge? Currently there's nothing inside.

1 Like

That's an answer from your server, so http works internally.

You may use the same WiFi.

I can't connect to your URL http://hensberry.xyz/.well-known/acme-challenge/1234 - not with my browser, not with online tools.

PS: https://check-your-website.server-daten.de/?q=hensberry.xyz#portchecks - the port check shows an SSH answer / port 22.

So that works too, your domain name and your ip are visible.

1 Like
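The reasoning in the reply above, as an added example that is not part of the original thread: any HTTP response for the dummy token, even a 404, shows the web server was reached, while a timeout seen from another network points at something in front of it. The function names, outcome labels and the loopback stand-ins in `demo()` are assumptions made for this sketch; in practice `probe()` is run once on the server and once from a host on a different network.

```python
import http.server
import socket
import threading
import urllib.error
import urllib.request

PROBE_PATH = "/.well-known/acme-challenge/1234"  # dummy token from the curl test
DIRECT = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # no proxy

def probe(base_url, timeout=5.0):
    """Return (outcome, http_status) for one request to the challenge path."""
    try:
        with DIRECT.open(base_url + PROBE_PATH, timeout=timeout) as resp:
            return ("answered", resp.status)
    except urllib.error.HTTPError as err:
        return ("answered", err.code)  # a 404 still proves the server was reached
    except urllib.error.URLError as err:
        timed_out = isinstance(err.reason, (socket.timeout, TimeoutError))
        return ("timeout" if timed_out else "unreachable", None)
    except (socket.timeout, TimeoutError):
        return ("timeout", None)  # connected, but no response ever arrived

def diagnose(inside, outside):
    """Combine a probe run on the server with one run from another network."""
    if inside[0] != "answered":
        return "local: web server is not answering on port 80"
    if outside[0] == "answered":
        return "ok: port 80 answers from outside"
    if outside[0] == "timeout":
        return "upstream: request dropped before the server (router forward or ISP)"
    return "upstream: connection refused or failed before reaching the server"

class NotFound(http.server.BaseHTTPRequestHandler):
    def do_GET(self):
        self.send_error(404)  # constructed stand-in for Apache's 404 page

def demo():
    """Constructed loopback stand-ins: a server that 404s, a port that never replies."""
    web = http.server.HTTPServer(("127.0.0.1", 0), NotFound)
    threading.Thread(target=web.serve_forever, daemon=True).start()
    silent = socket.socket()
    silent.bind(("127.0.0.1", 0))
    silent.listen(1)  # accepts the TCP handshake but never sends a response
    inside = probe("http://127.0.0.1:%d" % web.server_port)
    outside = probe("http://127.0.0.1:%d" % silent.getsockname()[1], timeout=0.5)
    web.shutdown()
    web.server_close()
    silent.close()
    return inside, outside, diagnose(inside, outside)

if __name__ == "__main__":
    print(demo())
```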

Alright, thanks for now. I'll try to call my ISP to see if port 80 is open or not. As for the SSH, I've set it up to only allow RSA keys, so I should be fine security-wise.

1 Like
