Number of sites accessible via broadband but not via 4G

My domain is: 178.79.169.171

I ran this command: attempted accessing sites hosted on this server via 4G (EE in the UK)

It produced this output: returns SSL error (NSURLErrorDomain in Firefox for IOS)

My web server is (include version): Nginx 1.14.0

The operating system my web server runs on is (include version): Ubuntu 18.04 LTS

My hosting provider, if applicable, is: Linode

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No all via SSH

I have been accessing sites (all with separate SSL certs) at this IP address via my mobile network provider (EE.co.uk) without hitch at least up until yesterday now I get SSL/server not secure errors.

I can still access the sites via regular broadband (tried a few providers to be sure) - other people seem to access the sites no problem via their own 4G networks.

Various online SSL checks show the certificates to be valid. Other sites with SSL certs I look after on a different server with a similar set up are still accessible via 4G.

Domains on the same host that don’t have SSL are still accessible.

Thanks

Hi @Pezzab

there is a certificate with two domain names. Is this

https://chethamarms.co.uk/

your domain? If yes: If you use the ip address, the certificate is invalide. Because the certificate has only the two names

chethamarms.co.uk www.chethamarms.co.uk

So use https://chethamarms.co.uk/ - and it's ok.

Also, if those are the FQDNs, they resolve to both IPv4 and IPv6 addresses.
Ensure that both are working.
For me, the IPv6 address is returning “Connection refused”.

Yes it is, thank you for the super quick response!

To confirm I should only use one version of the domain for the certificate (i.e. just chethamarms.co.uk) not two yes?

Ah I forgot to delete the IPV6 entries from my DNS manager

No, exact wrong.

If you have a domain name chethamarms.co.uk, there are always people who add www.

So you should have 2 ports and 2 domain names and correct redirects http -> https and https / not preferred version -> https / preferred version. But your site is good ( https://check-your-website.server-daten.de/?q=chethamarms.co.uk ):


Domainname Http-Status redirect Sec. G
http://chethamarms.co.uk/
178.79.169.171 301 https://chethamarms.co.uk/ 0.050 A
http://www.chethamarms.co.uk/
178.79.169.171 301 https://www.chethamarms.co.uk/ 0.043 A
https://www.chethamarms.co.uk/
178.79.169.171 301 https://chethamarms.co.uk/ 2.253 B
https://chethamarms.co.uk/
178.79.169.171 200 1.937 B

Every version answers, three correct redirects, one https version with http status 200.

So every user (and every search engine) has the same version - https + non-www.

There are sometimes sites with two certificates (one domain name per certificate). But I think, the version with one certificate and two domain names is easier. And it's better then having a wrong certificate (www-version) or a timeout (not preferred version doesn't answer).

Thanks again JuergenAuer :+1:t4:

Just reporting back to say that the issue seems to have been resolved by deleting IPv6 addresses from my Linode DNS manager.

I had forgotten that I’d let Linode populate the DNS entries with a default setup that included IPv6 which wasn’t needed.

This appears to be the solution in my case.

Thanks again rg305 and JuergenAuer :slightly_smiling_face::+1:t4:

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.