Http challenge, timeout during connect, likely firewall problem

The problem:
Since 15th Oct 2020, we cannot create a new certificate because the Let's Encrypt bot cannot connect to our IP.

We have disabled our firewall, but it seems AWS (the provider of the Let's Encrypt bot) is the one blocking our IP.

While doing the http-challenge, the first bot, coming from 64.78.149.164 and 66.133.109.36, has no problem accessing our IP.

But the other bot, coming from 3.22.70.135, 52.28.236.88, 18.196.96.172, cannot access our IP. We cannot even ping them (most likely due to the AWS firewall).

Is there any possibility of Let's Encrypt using more providers? There must be someone else who also has this problem (AWS blocks some IPs without reason).

My domain is:
bdmalay.com

I ran this command:
certbot-auto certonly --manual

It produced this output:
Timeout during connect (likely firewall problem)

My web server is (include version):
nginx

The operating system my web server runs on is (include version):
debian

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 0.28.00


Hi and welcome to the community!

I'm confused...
How do you know these IPs (if they are being blocked before they reach you)?

[&2* readers: Get involved; Be heard. It starts with: if you read something you like, then like it :heart:]


We tried using another domain on a different IP, and saw the logs.


I found a problem with your domain DNS servers.
See:

