IP Blocked From API

Hi,

My validation script got temporarily bugged out and it runs every minute to issue and renew certificates for my websites.

My HTTP authentication got broken temporarily, and I believe this led to an IP block for some reason even though historically when I have had a bug it has not.

Anyway, I would like to request an IP unblock for 45.43.30.26

1 Like

Are you getting a specific error message? If so, what is it?

1 Like

I can’t even curl acme-v02.api.letsencrypt.org

No response just hangs

1 Like

curl acme-v02.api.letsencrypt.org
curl: (7) Failed to connect to acme-v02.api.letsencrypt.org port 80: Connection timed out

1 Like

I believe if Let’s Encrypt was blocking something, you would receive a reply containing some hints as to why. This looks more like networking issues, which could be specific to your hoster or its uplink for example. Also notice that the API is supposed to be queried over HTTPS, not HTTP (port 80 in your curl example), though with your query you would still be expected to get a 301 “Moved Permanently” reply.

Correct, if your IP was blocked you would get an HTTP status code and response that tells you your IP is blocked for too much traffic. That text also contains an email address to ask for an unblock.

Hi @LetsEncryptFan

what says

traceroute  acme-v02.api.letsencrypt.org

or

traceroute  -4 acme-v02.api.letsencrypt.org
traceroute  -6 acme-v02.api.letsencrypt.org

1 10.8.0.1 (10.8.0.1) 26.073 ms 26.072 ms 26.071 ms
2 10.0.0.49 (10.0.0.49) 26.070 ms 26.069 ms 26.067 ms
3 six.as13335.com (206.81.81.10) 26.066 ms 40.229 ms 40.222 ms
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

Uh. What about this (they use the same CDN as Let’s Encrypt’s API):

tracert digitalocean.com

If it gives the same result, you need to go to SpartanHost, because they’ve broken something on their side.

Digital ocean loads fine

Oh, that looks bad. Normally, that should work.

D:\temp>tracert -4 acme-v02.api.letsencrypt.org

1 <1 ms <1 ms <1 ms fritz.box [192.168.0.1]
2 5 ms 5 ms 4 ms 62.155.240.117
3 6 ms 6 ms 6 ms 217.239.55.26
4 6 ms 6 ms 6 ms 217.239.55.26
5 6 ms 5 ms 7 ms lag-10.edge4.Berlin1.Level3.net [4.68.73.5]
6 6 ms 6 ms 7 ms ae-2-3602.edge3.Berlin1.Level3.net [4.69.159.5]
7 7 ms 7 ms 6 ms unknown.Level3.net [212.162.40.34]
8 7 ms 7 ms 7 ms 172.65.32.248

Ask your hoster why this is blocked.

Perhaps reduce your MTU to 1300 or 1100.