Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com ), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:www.citihealth.in - https://crt.sh/?q=www.citihealth.in
I ran this command:1. sudo apt update
2. sudo apt install ufw
3. sudo ufw status, if inactive
4. sudo ufw allow ssh
5. sudo ufw allow http
6. sudo ufw allow https
INSTALLING SNAPD
sudo apt update
sudo apt install snapd
sudo snap install core
sudo snap refresh core
Installing Certbot
sudo apt remove certbot
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot --apache
It produced this output: Successfully received certificate.
My web server is (include version): Apache2 2.8
The operating system my web server runs on is (include version):Debian 4.19
My hosting provider, if applicable, is: contabo
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): No Idea about the version
Currently WEBSITE IS DOWN after performing those steps
3 Likes
_az
July 28, 2021, 7:32am
2
You have a redirect loop going on:
$ curl -L -X GET -I www.citihealth.in
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Jul 2021 07:30:47 GMT
Server: Apache/2.4.38 (Debian)
Location: https://www.citihealth.in/
Content-Length: 317
Content-Type: text/html; charset=iso-8859-1
HTTP/1.1 302 Found
Date: Wed, 28 Jul 2021 07:30:48 GMT
Server: Apache/2.4.38 (Debian)
Location: https://citihealth.in/index.php?
Content-Length: 0
Content-Type: text/html; charset=utf-8
HTTP/1.1 302 Moved
Date: Wed, 28 Jul 2021 07:30:50 GMT
Server: Apache/2.4.38 (Debian)
Cache-Control: no-cache
Location: http://citihealth.in/index.php
Content-Length: 0
Content-Type: text/html; charset=utf-8
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Jul 2021 07:30:50 GMT
Server: Apache/2.4.38 (Debian)
Location: https://citihealth.in/index.php
Content-Length: 318
Content-Type: text/html; charset=iso-8859-1
HTTP/1.1 302 Moved
Date: Wed, 28 Jul 2021 07:30:51 GMT
Server: Apache/2.4.38 (Debian)
Cache-Control: no-cache
Location: http://citihealth.in/index.php
Content-Length: 0
Content-Type: text/html; charset=utf-8
...
It's worth checking where that 302 redirect is coming from.
The 301 redirect is set up by Certbot - it redirects HTTP to HTTPS.
It's not clear where the 302 redirect is coming from - it redirects HTTPS back to HTTP. Check in your .htaccess
file, in your PHP code etc.
5 Likes
webthinkers40:
www.citihealth.in
Your website is stuck in a redirect loop. I suspect your :443 VirtualHost mapping has a Redirect line in it that should only be specified for the :80 mapping. Once removed you may need to restart apache.
6 Likes
It is not going anywhere, still not solved
2 Likes
What are the outputs of:
sudo apachectl -S
sudo ls -lRa /etc/apache2
sudo ls -lRa /etc/letsencrypt
sudo certbot certificates
Please put 3 backticks above and below each output, like this:
```
output
```
Tool for checking redirects:
https://www.redirect-checker.org/index.php
3 Likes
rg305
July 28, 2021, 5:10pm
8
The problem with the apex domain is a loop:
curl -Iki http://citihealth.in/
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Jul 2021 17:09:41 GMT
Server: Apache/2.4.38 (Debian)
Location: https://citihealth.in/
Content-Type: text/html; charset=iso-8859-1
curl -Iki https://citihealth.in/
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Jul 2021 17:09:47 GMT
Server: Apache/2.4.38 (Debian)
Cache-Control: no-cache
Location: http://citihealth.in/
Content-Type: text/html; charset=utf-8
4 Likes
rg305
July 28, 2021, 5:14pm
9
A (bigger) loop also exists within the "www" name:
curl -Iki http://www.citihealth.in/
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Jul 2021 17:12:39 GMT
Server: Apache/2.4.38 (Debian)
Location: https://www.citihealth.in/
Content-Type: text/html; charset=iso-8859-1
curl -Iki https://www.citihealth.in/
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Jul 2021 17:12:51 GMT
Server: Apache/2.4.38 (Debian)
Location: https://citihealth.in/index.php?
Content-Type: text/html; charset=utf-8
curl -Iki https://citihealth.in/index.php?
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Jul 2021 17:13:02 GMT
Server: Apache/2.4.38 (Debian)
Cache-Control: no-cache
Location: http://citihealth.in/index.php?
Content-Type: text/html; charset=utf-8
curl -Iki http://citihealth.in/index.php?
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Jul 2021 17:13:23 GMT
Server: Apache/2.4.38 (Debian)
Location: https://citihealth.in/index.php?
Content-Type: text/html; charset=iso-8859-1
curl -Iki https://citihealth.in/index.php?
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Jul 2021 17:13:36 GMT
Server: Apache/2.4.38 (Debian)
Cache-Control: no-cache
Location: http://citihealth.in/index.php?
4 Likes
Yes, what is the solution for these redirects?
2 Likes
What are the outputs of:
sudo cat /etc/apache2/sites-available/000-default.conf
sudo cat /etc/apache2/sites-available/citihealth.in
sudo cat /etc/apache2/sites-available/default-ssl.conf
sudo cat /etc/apache2/sites-available/prestashop.conf
sudo cat /etc/apache2/sites-available/prestashop-le-ssl.conf
4 Likes
Fixing the configuration files. Hence my previous post.
4 Likes
webthinkers40:
sudo cat /etc/apache2/sites-available/prestashop-le-ssl.conf
OUTPUT
redirected to root - NO OUTPUT
Try this one again, please. Something is amiss.
3 Likes
What about:
sudo cat /etc/apache2/sites-enabled/prestashop-le-ssl.conf
4 Likes
Is that file open in some type of editor or locked for some reason? It's clearly not empty and sudo apachectl -S
was able to read it.
4 Likes
The file is not locked or opened in any editor.
2 Likes
If the file is open in the nano editor, it is empty
2 Likes
What's the current output of sudo apachectl -S
?
4 Likes
Let's try this:
sudo apachectl -k graceful
sudo cat /etc/apache2/sites-enabled/prestashop-le-ssl.conf
3 Likes