Let's Encrypt: The client lacks sufficient authorization

Actually they were both enabled (with a2ensite)
You should get rid of the symbolic link first with:
sudo a2dissite /etc/nginx/sites-enabled/landwtools.com
Oh dang!
a2dissite will try to automatically append .conf to the name given.
Which would make them “look” exactly the same … no telling what it will do exactly then [which will get deleted or both?].
I think you will have to remove the unused one “by hand”.
sudo unlink /etc/nginx/sites-enabled/landwtools.com
then
ls -l /etc/nginx/sites-enabled/

Thanks, now I understand.

After executing:
$ sudo unlink /etc/nginx/sites-enabled/landwtools.com

I checked again:
$ ls -l /etc/nginx/sites-enabled/

It shows:
total 0
lrwxrwxrwx 1 root root 34 Sep 14 00:03 default -> /etc/nginx/sites-available/default
lrwxrwxrwx 1 root root 46 Sep 14 00:27 landwtools.com.conf -> /etc/nginx/sites-available/landwtools.com.conf

Now it seems okay.

Then I restarted Nginx:
$ sudo systemctl restart nginx

Then I executed:
$ sudo certbot certonly --agree-tos --email admin@landwtools.com --webroot -w /var/lib/letsencrypt/ -d landwtools.com -d www.landwtools.com

It shows:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for landwtools.com
http-01 challenge for www.landwtools.com
Using the webroot path /var/lib/letsencrypt for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. www.landwtools.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.landwtools.com/.well-known/acme-challenge/dnI3Bd3qpzf_VCu554kTBnR0fnx-9opN9eDV536tY-U: Timeout during connect (likely firewall problem), landwtools.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://landwtools.com/.well-known/acme-challenge/KNOcFaUKLhjvopmkVOpGOeZOm_fvO_hsVZtwBCKWZ2o: Timeout during connect (likely firewall problem)

IMPORTANT NOTES:

I closed all of my firewalls,

but I still cannot reach http://landwtools.com; the error is:
ERR_CONNECTION_TIMED_OUT

So now you believe all the setup on the Nginx side is okay, and I should check the outside firewall things?

Please advise.

Yes, it seems there may be a firewall issue.

First let’s check that your web service is running:
sudo netstat -pant | grep -i listen

Hi, good morning, and first, thanks for all your help yesterday.

Now, after executing $ sudo netstat -pant | grep -i listen

it shows:
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 759/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1072/sshd
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 1054/postgres
tcp 0 0 0.0.0.0:8069 0.0.0.0:* LISTEN 1331/python3
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1041/nginx: master
tcp6 0 0 :::22 :::* LISTEN 1072/sshd
tcp6 0 0 :::80 :::* LISTEN 1041/nginx: master

Hi, another question:

1. When I check:

$ ls -l /etc/nginx/sites-enabled
it shows:
total 0
lrwxrwxrwx 1 root root 34 Sep 14 00:03 default -> /etc/nginx/sites-available/default
lrwxrwxrwx 1 root root 46 Sep 14 00:27 landwtools.com.conf -> /etc/nginx/sites-available/landwtools.com.conf

This is the result of yesterday's fix; it is okay.

Then I check:

$ ls -l /etc/nginx/sites-available

It shows:

total 12
-rw-r--r-- 1 root root 2416 Apr 6 2018 default
-rw-r--r-- 1 root root 341 Sep 14 00:21 landwtools.com
-rw-r--r-- 1 root root 111 Sep 14 00:27 landwtools.com.conf

My question is whether I also need to delete the 2nd one:
-rw-r--r-- 1 root root 341 Sep 14 00:21 landwtools.com

OK that looks good.

Now please show this:

You don't HAVE to.
Things in /sites-available/ are only AVAILABLE for use (but not forced to be used).
Things in /sites-enabled/ are ALL USED.

After I quit my firewall, I went to http://landwtools.com
and it still failed, showing:

This site can’t be reached

landwtools.com took too long to respond.

Try:

ERR_CONNECTION_TIMED_OUT

Meanwhile, I checked again:

$sudo nginx -T | grep -i ‘server_name|landwtools|virtual|root|listen’

It returns:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Command ‘listen’’ not found, did you mean:

command ‘listen’ from deb ruby-listen

Try: sudo apt install

Command ‘root’ not found, did you mean:

command ‘toot’ from snap toot (0.27.0)
command ‘roo’ from snap roo (2.0.3)
command ‘rootv’ from deb xawtv
command ‘proot’ from deb proot
command ‘rott’ from deb rott

See 'snap info ’ for additional versions.

Command ‘virtual’ not found, did you mean:

command ‘virtaal’ from deb virtaal

Try: sudo apt install

What do those mean?
If I need to sudo apt install, which is the deb name? Is it the Odoo deb package name?

That means the copy/paste or the site has failed you.
What you pasted was changed from what I typed ( ' ‘ ).
A subtle difference to the eye, but a huge one to the operating system.
Try it again and replace them both with the single quote (next to the enter key).

Can you explain how you did this?

Wa, thanks for this knowledge.

I only have the 360safe firewall on my computer.
I move to the 360safe icon, then right-click my mouse to show the menu, then I choose exit.

Or are there other, more professional ways?

In case the font was too small (and for all other readers to see):
Original:


Your command:

Ok, I don’t know about that firewall.

Do you have another system local to that server (on the same network)?
[so we can test access from there]

Sorry, I see you are using AWS EC2.
I think our wires got crossed.
The firewall is not the one on your computer.
The firewall is the one on the server.
And also in AWS settings.

Yes, I am using AWS EC2.

I think I only use the AWS EC2 instance security group as my firewall.

I cannot find my EC2 instance firewall in the AWS settings; can you show me more?

Thanks

And now I can target my security group under my AWS EC2 instance; its details are below:

image

And do you also need my source information?

Can I add HTTP here?

Now it is okay, after adding HTTP. Now I understand. Thanks.

1 Like
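
Added example, not part of any post in this thread: a small triage of the two problems that came up, the http-01 "Timeout during connect" while nginx was already listening on port 80, and the pasted grep command whose quotes had been turned into typographic ones. The function names (listener_scope, triage_http01, has_smart_quotes) and the result labels are hypothetical; the sample is constructed from the netstat output posted above.

```shell
#!/bin/sh
# Constructed sample: the `netstat -pant | grep -i listen` lines from the thread.
SAMPLE='tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 759/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1072/sshd
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 1054/postgres
tcp 0 0 0.0.0.0:8069 0.0.0.0:* LISTEN 1331/python3
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1041/nginx: master
tcp6 0 0 :::22 :::* LISTEN 1072/sshd
tcp6 0 0 :::80 :::* LISTEN 1041/nginx: master'

# listener_scope PORT (netstat lines on stdin) prints:
#   public   - a LISTEN socket on PORT is bound to a non-loopback address
#   loopback - PORT is bound only to 127.x.x.x or ::1
#   none     - nothing listens on PORT
listener_scope() {
    awk -v port="$1" '
        $6 == "LISTEN" {
            n = split($4, parts, ":")
            if (parts[n] != port) next
            # Local address is everything before the final ":PORT".
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            if (addr ~ /^127\./ || addr == "::1") lo = 1; else pub = 1
        }
        END { print (pub ? "public" : (lo ? "loopback" : "none")) }'
}

# triage_http01 PORT: where to look next after an ACME connect timeout.
triage_http01() {
    case "$(listener_scope "$1")" in
        public)   echo "firewall-or-security-group" ;;  # host listens; block is in front of it
        loopback) echo "bind-address" ;;                # fix the listen directive
        none)     echo "service-down" ;;                # start or fix the web server
    esac
}

# has_smart_quotes STRING: true if a pasted command contains typographic
# quotes, which the shell does not treat as quoting (so | splits the command).
has_smart_quotes() {
    case "$1" in
        *‘*|*’*|*“*|*”*) return 0 ;;
        *) return 1 ;;
    esac
}

printf '%s\n' "$SAMPLE" | triage_http01 80
```

On a live host, pipe the real output instead of the sample: sudo netstat -pant | triage_http01 80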