Invalid response 404 from working site

Running a wordpress site in AWS on EC2 ubuntu server. Using route 53 for domain services. I have done several domain checking tests and everything passes. The one problem I have is that the site takes 20 seconds to load, maybe that is the problem?

My domain is:barryleeblogs.com, www.barryleeblogs.com

I ran this command:sudo certbot --apache

It produced this output: Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: barrylee.com
Type: unauthorized
Detail: 76.223.54.146: Invalid response from http://barrylee.com/.well-known/acme-challenge/gA7zat0iD2l0PjzRqqte57oiRatyO45FqR79TzlxKJI: 404

Domain: www.barrylee.com
Type: unauthorized
Detail: 76.223.54.146: Invalid response from http://www.barrylee.com/.well-known/acme-challenge/ibtyzWf5xX0A5nhPYbdK2LlGG-77iIdxRKr5Ay8XAFw: 404

My web server is (include version):
Apache 2.4.52
The operating system my web server runs on is (include version): ubuntu 22 o4

My hosting provider, if applicable, is: Ec2 instance on AWS

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 2.7.4

These are different names that look to go to different IPs; which one are you trying to set up, and which server are you running it on?

3 Likes

These are both the same site on the same server, in typical fashion to have the www subdomain added to the DNS record. In my DNS records they are both pointing to the same IP. And they both work. But I do know there is some kind of issue because the sites load very slow, like 20 or more seconds. So that may point to an issue but I have not found it yet.

barrylee.com and www.barrylee.com both resolve to the same set of IPs (at least from where I'm testing), 13.248.169.48 & 76.223.54.146.
barryleeblogs.com and www.barryleeblogs.com both resolve to 3.130.114.62.

So again, which names are you trying to set up, and which server are you running it on?

4 Likes

Further is that barrylee.com and www.barrylee.com are not using Route53

They look to be using some sort of URL Forward or URL Redirect service from some domain name provider. That won't work for HTTPS services so if these are the names you want in your cert you should look at disabling that and using an A record for the public IP instead.

But, the barryleeblogs names do use Route53. So, as @petercooperjr has already asked please clarify which names you want a cert for.

3 Likes

Once the IP and site name issues are addressed...

I'd like to ensure this web service is doing what you are asking it to do:

To that end, please show the output of:
sudo apachectl -t -D DUMP_VHOSTS

3 Likes

Ok waht a puzzle, when I nslookup they are both using the same IP
Non-authoritative answer:
Name: barryleeblogs.com
Address: 3.130.114.62

C:\Users\Barry>nslookup www.barryleeblogs.com
Server: static-190-240-112-149.une.net.co
Address: 190.240.112.149

Non-authoritative answer:
Name: www.barryleeblogs.com
Address: 3.130.114.62

Also, I registered the domain name with Route53 and am using route53 to host it, and I created two A records for the domain and for the www both pointing to that same IP

Thanks I am going into a meeting right now and will do this ASAP when I can.

To that end, please show the output of:
sudo apachectl -t -D DUMP_VHOSTS

1 Like

You missed the subtle difference of the word "blogs" in the names in question:

2 Likes

ok manages to get this first

Last login: Thu Nov 2 17:44:05 2023 from 181.136.50.102
ubuntu@ip-172-31-10-36:~$ sudo apachectl -t -D DUMP_VHOSTS

VirtualHost configuration:
*:80 barrylee.com (/etc/apache2/sites-enabled/barrylee.com.conf:1)

So, again...
Which is the name you want to get a cert for?:

^^ I see two domains.
barrylee.com
barryleeblogs.com

2 Likes

Ok this seems to indicate a misconfiguration in an apache config, let me review

1 Like

^^ this file doesn't seem to cover the "www" alias.

2 Likes

Ok, solved, thank you so much everyone and I feel like an idiot. @rg305 gave me the answer with this sudo apachectl -t -D DUMP_VHOSTS. I did indeed have the wrong name in the conf file. I had started the project with a domain name that I thought was available, but turned out to only be for sale, so I changed it and registered a different name and forgot to go back and change the conf file. What tricked me was the the sites were coming up and working somehow, so I didn't suspect the issue. I ran certbot successfully. Now I just need to figure out why the site is still loading so slow. Thanks again to all.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.