root /home/ubuntu/html/netplusdesign.net;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
# server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
No errors. But when I try to access https://netplusdesign I get ERR_CONNECTION_TIMED_OUT in Chrome. All worked fine using http before I ran lets encrypt command.
Just need help understanding how to troubleshoot this. Thanks for your help.
it’s definitely a fiewall thing (could be the provider firewall or your system fire-walling)
as an aside - please firewall SSH - you generally don’t want SSH access to the entire internet (limit SSH access to your home Static IP for example).
run > sudo ufw status and it should tell you what ports are open to whom (note for 443 and 80 you should allow all if this is going to be a web server)
compare your SSH and HTTP and HTTPS settings to give you an idea of how to configure it
@ahaw021 Thanks for your help, I realize this is likely outside the scope of lets encrypt help.
I think you did your scan while I was trying a different server. Everything is switched back now. And re: ssh, I don’t have a static IP, thus open anywhere. Although I might be able to limit to a range. Will try that soon thx.
If I run, sudo ufw status verbose I get,
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip
To Action From
-- ------ ----
443 ALLOW IN Anywhere
22 ALLOW IN Anywhere
80 ALLOW IN Anywhere
443 (v6) ALLOW IN Anywhere (v6)
22 (v6) ALLOW IN Anywhere (v6)
80 (v6) ALLOW IN Anywhere (v6)
I downloaded and installed nmap,thanks for the hint. nmap says…
Starting Nmap 7.40 ( https://nmap.org ) at 2017-02-05 08:30 EST
Nmap scan report for netplusdesign.net (34.198.163.201)
Host is up (0.030s latency).
rDNS record for 34.198.163.201: ec2-34-198-163-201.compute-1.amazonaws.com
Not shown: 98 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
Nmap done: 1 IP address (1 host up) scanned in 2.17 seconds
That was it! I had enabled using ‘ufw’. I didn’t realize amazon was over ruling the setting. I had to use the UI to open the port. It was not open by default. Unbelievable how much time I spent on this simple thing. Thank you so much!