I’m trying to host a web server at home. I’m using a cable provider, dedicated IP, link speed is 1 Gbps (on paper). Server itself is accessible from the internets, I tried curl’ing it from different datacenters like Hetzner and DigitalOcean, also checked with a couple of uptime monitors. Tried bombing it with ab = works.
Port forwarding is done on a MikroTik 2011 router, server is a physical machine with some serious hardware. No firewall entries here and there. A friend using the same ISP a couple of blocks away has no problems with getting validated.
When I run certbot, I see six connections going through the router and six SYN connections to the server (using tcpdump). But nginx gets only the primary HTTP request, which goes into the access log, the others are eaten somewhere, I have no ideas. Tried replacing the web server with a virtual machine installed from scratch, nginx, certbot and nothing else. No ideas (
My domain is:
site4food.com
I ran this command:
letsencrypt certonly --webroot --webroot-map='{"site4food.com":"/usr/share/nginx/acme"}' --dry-run
It produced this output:
…
http-01 challenge for site4food.com
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. site4food.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: During secondary validation: Fetching http://site4food.com/.well-known/acme-challenge/3uZJChaClV_o6mDhqHkk9506jg5j2TiyWaxKmp9otgk: Timeout during connect (likely firewall problem)
My web server is (include version):
nginx/1.14.0
The operating system my web server runs on is (include version):
Ubuntu 18.04.4
My hosting provider, if applicable, is:
Home server. Dedicated white IP.
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.31.0
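
One way to see how far each validation connection gets, as an added example that is not part of the original post: the script reads text output from `tcpdump -nn tcp port 80` captured on the server during a certbot run and reports, per client, whether the TCP handshake stopped at the SYN, at the server's SYN-ACK, or completed. The capture lines, addresses and the `handshake_report` name are constructed for illustration.

```python
import re

# Default text output of `tcpdump -nn tcp port 80`, IPv4 only.
LINE = re.compile(
    r"IP (?P<src>[\d.]+)\.(?P<sport>\d+) > (?P<dst>[\d.]+)\.(?P<dport>\d+): "
    r"Flags \[(?P<flags>[^\]]+)\]"
)

# Constructed sample capture (documentation addresses, not real validators).
SAMPLE = """\
12:00:00.000001 IP 203.0.113.5.40001 > 192.168.88.10.80: Flags [S], seq 1, win 64240, length 0
12:00:00.000050 IP 192.168.88.10.80 > 203.0.113.5.40001: Flags [S.], seq 9, ack 2, win 65160, length 0
12:00:00.020000 IP 203.0.113.5.40001 > 192.168.88.10.80: Flags [.], ack 10, win 502, length 0
12:00:00.100000 IP 198.51.100.7.40002 > 192.168.88.10.80: Flags [S], seq 5, win 64240, length 0
12:00:00.100040 IP 192.168.88.10.80 > 198.51.100.7.40002: Flags [S.], seq 7, ack 6, win 65160, length 0
12:00:00.200000 IP 192.0.2.9.40003 > 192.168.88.10.80: Flags [S], seq 3, win 64240, length 0
12:00:01.100000 IP 198.51.100.7.40002 > 192.168.88.10.80: Flags [S], seq 5, win 64240, length 0
12:00:01.200000 IP 192.0.2.9.40003 > 192.168.88.10.80: Flags [S], seq 3, win 64240, length 0
"""

def handshake_report(lines, server_ip, server_port=80):
    """Map (client_ip, client_port) -> (furthest handshake stage, SYNs seen)."""
    stage, syns = {}, {}
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue
        src, dst, flags = m["src"], m["dst"], m["flags"]
        sport, dport = int(m["sport"]), int(m["dport"])
        if (dst, dport) == (server_ip, server_port):       # client -> server
            key = (src, sport)
            if flags == "S":
                syns[key] = syns.get(key, 0) + 1           # >1: SYN was retransmitted
                stage.setdefault(key, "syn_only")
            elif (stage.get(key) == "synack_sent" and "." in flags
                  and not set(flags) & {"S", "R"}):
                stage[key] = "established"                 # client ACKed the SYN-ACK
        elif (src, sport) == (server_ip, server_port):     # server -> client
            key = (dst, dport)
            if flags == "S." and stage.get(key) == "syn_only":
                stage[key] = "synack_sent"
    return {k: (stage[k], syns[k]) for k in stage}

if __name__ == "__main__":
    # syn_only:    the SYN reached this host, but no SYN-ACK left it
    # synack_sent: the host replied, but no ACK from the client came back
    # established: the handshake completed
    for client, result in handshake_report(SAMPLE.splitlines(), "192.168.88.10").items():
        print(client, result)
```
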