I installed ssl certificate on WP, site cannot be opened, 403 forbidden

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: vitaeezy.com

I ran this command:

Free SSL certificate Letsencrypt
# certbot --nginx --redirect -d www.example.com -d example.com -m admin@example.com --agree-tos --no-eff-email

It produced this output: Successfully deployed the certificate

My web server is (include version): --nginx

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: VULTR

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Console

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Hello @letsencrypt2, welcome to the Let's Encrypt community. :slightly_smiling_face:

Your nginx server is returning 403 for both www.vitaeezy.com and vitaeezy.com

$ curl http://vitaeezy.com
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx</center>
</body>
</html>

$ curl http://www.vitaeezy.com
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx</center>
</body>
</html>

However curious if this is possibly a typo

And here is a list of issued certificates crt.sh | vitaeezy.com, the latest being 2022-11-14.

1 Like

Hi Bruce ..
Thank you for the response to my request for help. What do you suggest? I am more a layman on these issues.

1 Like

If you know nginx configuration start there otherwise, kindly wait for more knowledgeable Let's Encrypt community volunteers to assist.

2 Likes

Thanks Bruce

3 Likes

You could show the nginx config, with the output of:
nginx -T
[that's a capital "T"]

3 Likes

Hi RG
Please explain..

Explain my post?
If you show us the nginx configuration, we may be able to see why you presumably are unable to obtain a certificate.

3 Likes

Your nginx is unable to start.
You'll need to fix that before we can continue.

3 Likes

Thanks .....How do i do that?

1 Like

I wouldn't know.
This is not an nginx forum.

But are you even on the right server?
I get this:

curl -I http://www.vitaeezy.com
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 15 Nov 2022 15:31:44 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.vitaeezy.com/wp-admin/install.php

[which shows an nginx server is listening]

3 Likes

Your Domain Name does match the IPv4 Address you are showing, good.

$ nslookup
> server ns19.domaincontrol.com.
Default server: ns19.domaincontrol.com.
Address: 97.74.109.10#53
Default server: ns19.domaincontrol.com.
Address: 2603:5:21d0::a#53
> vitaeezy.com
Server:         ns19.domaincontrol.com.
Address:        97.74.109.10#53

Name:   vitaeezy.com
Address: 209.250.232.211
>

Using this tool https://www.redirect-checker.org/ shows this redirect

And that redirected location shows this

And with curl -I

$ curl -I http://www.vitaeezy.com
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 15 Nov 2022 18:32:37 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.vitaeezy.com/wp-admin/install.php

$ curl -I  http://www.vitaeezy.com/wp-admin/install.php
HTTP/1.1 401 Unauthorized
Server: nginx
Date: Tue, 15 Nov 2022 18:32:57 GMT
Content-Type: text/html
Content-Length: 172
Connection: keep-alive
WWW-Authenticate: Basic realm="Restricted"
2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.