Nginx something wrong with my config, need help

Help
1

My domain is: yokyu.com

I ran this command: sudo certbot --nginx

It produced this output: Successful in generating the certificate

My web server is (include version): nginx 1.18

The operating system my web server runs on is (include version): Ubunti 22

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.31

My problem is that after running the certbot I cannot access the site via https or http. Was possible via http before. Have tried to make changes, according to different post I have found. But nothing helps.

Following is what I have right now:

server {

    root /var/www/html;


    index index.php;


    server_name yokyu.com  www.yokyu.com;



listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/yokyu.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/yokyu.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
if ($host = www.yokyu.com) {
return 301 https://$host$request_uri;
} # managed by Certbot

if ($host = yokyu.com) {
    return 301 https://$host$request_uri;
} # managed by Certbot


    listen 80 default_server;
    listen [::]:80 default_server;

    server_name yokyu.com  www.yokyu.com;
return 404; # managed by Certbot


location ~ \.php$ {
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
}

}

If someone have an idea what I have done wrong and could point me in the right direction, that would be super!

Thanks and be safe!

2

Welcome to the community @yokyu

I can see your site with HTTP. It redirects to HTTPS as it should and then fails.

It looks like your port 443 is not open (only 22 and 80). If you are hosted at home check your router NAT forwarding for port 443.

3 Likes
3

Thank you @MikeMcQ !

Not hosting at home, vm running at Oracle.

I checked the firewall, and it should be ok, I think:

Status: active

To Action From

Nginx HTTP ALLOW Anywhere
Nginx HTTPS ALLOW Anywhere
OpenSSH ALLOW Anywhere
Nginx HTTP (v6) ALLOW Anywhere (v6)
Nginx HTTPS (v6) ALLOW Anywhere (v6)
OpenSSH (v6) ALLOW Anywhere (v6)

1 Like
4

Is there anything in the Oracle service that needs to allow port 443? You could try a restart of nginx but I think it's more likely something else blocking 443

A port scan test shows just this (no port 443 open)

nmap yokyu.com
Nmap scan report for yokyu.com (129.151.194.147)
Not shown: 998 filtered ports
PORT   STATE SERVICE
22/tcp open  ssh
80/tcp open  http
3 Likes
5

Hmm, will check the vcn and see if 443 is open.

Thanks for the help!

2 Likes
6

Strange, 443 was open in the control panel and iptables included 80 and 443.
Removed the rule and added it again and the port was open, got confirmation that it was open via port scan. About 2 minutes later when I checked again it was closed. Looks to be an Oracle issue.

Thanks for the help, now I know where the issue is.

2 Likes
7

I see you made progress. The nmap report now shows 443 as "closed" rather than "filtered". Sometimes nginx needs a full restart when changing its listening ports. You might try that.

3 Likes
8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.