Hi,
I am sorry to bother this forum with my question because I know this has nothing to do with letsencrypt...
That works really well actually! Thanks for your awesome work on that.
But I got help for a reverse proxy before and thought maybe someone could help again?
The issue is, that sometimes my redirect doesn't work properly. I get "Service Unavailable" but I really have no clue why that is.
Normally the reverse Proxy works fine and I wanted to know if I can correct my reverse proxy in any way to fix that issue?
root@filme-server:/etc/apache2/sites-available# cat fritz.conf
<VirtualHost *:80>
ServerName fritz.mydomain.de
Redirect permanent / https://fritz.mydomain.de/
RewriteEngine on
RewriteCond %{SERVER_NAME} =fritz.mydomain.de
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerName fritz.mydomain.de
ProxyPreserveHost On
ProxyPass /.well-known !
ProxyPass / http://myfritzdomain.myfritz.net/
ProxyPassReverse / http://myfritzdomain.myfritz.net/
SSLEngine on
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/fritz.mydomain.de/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/fritz.mydomain.de/privkey.pem
</VirtualHost>
</IfModule>
PS: If I enter http://myfritzdomain.myfritz.net/ in my browser everything works fine and also fritz.mydomain.de usually works as expected. Only sometimes it doesn't and I don't know why
I would be really pleased if someone could help me to solve this issue!
Cheers Simon
2 Likes
_az
February 15, 2021, 10:03pm
2
Apache's error_log
is the place to look. If Apache can't connect to the destination, it will log the reason there.
2 Likes
you are right, here are the logs:
[Mon Feb 15 00:00:07.758477 2021] [mpm_event:notice] [pid 23387:tid 140058820617344] AH00489: Apache/2.4.38 (Debian) OpenSSL/1.1.1d configured -- resuming normal operations
[Mon Feb 15 00:00:07.758524 2021] [core:notice] [pid 23387:tid 140058820617344] AH00094: Command line: '/usr/sbin/apache2'
[Mon Feb 15 12:47:30.521031 2021] [proxy:error] [pid 28031:tid 140058371794688] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 12:47:30.525163 2021] [proxy_http:error] [pid 28031:tid 140058371794688] [client 95.112.126.132:50707] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net
[Mon Feb 15 18:55:09.855991 2021] [proxy_http:error] [pid 28031:tid 140057927210752] (104)Connection reset by peer: [client 95.112.126.132:54756] AH01102: error reading status line from remote server 192.168.178.71:80
[Mon Feb 15 18:55:09.856917 2021] [proxy:error] [pid 28031:tid 140057927210752] [client 95.112.126.132:54756] AH00898: Error reading from remote server returned by /status.php
[Mon Feb 15 18:55:21.511682 2021] [proxy_http:error] [pid 28032:tid 140058204038912] (104)Connection reset by peer: [client 95.112.126.132:54760] AH01102: error reading status line from remote server 192.168.178.71:80
[Mon Feb 15 18:55:21.513208 2021] [proxy:error] [pid 28032:tid 140058204038912] [client 95.112.126.132:54760] AH00898: Error reading from remote server returned by /ocs/v1.php/config
[Mon Feb 15 18:55:22.906049 2021] [proxy_http:error] [pid 28031:tid 140058380187392] (104)Connection reset by peer: [client 95.112.126.132:54762] AH01102: error reading status line from remote server 192.168.178.71:80
[Mon Feb 15 18:55:22.906131 2021] [proxy:error] [pid 28031:tid 140058380187392] [client 95.112.126.132:54762] AH00898: Error reading from remote server returned by /ocs/v2.php/core/navigation/apps
[Mon Feb 15 21:55:46.993014 2021] [proxy_http:error] [pid 28031:tid 140057918818048] (20014)Internal error (specific information not available): [client 95.112.126.132:55057] AH01102: error reading status line from remote server 192.168.178.71:80
[Mon Feb 15 21:55:46.995969 2021] [proxy:error] [pid 28031:tid 140057918818048] [client 95.112.126.132:55057] AH00898: Error reading from remote server returned by /remote.php/dav/files/Simon/
[Mon Feb 15 21:56:19.540773 2021] [proxy:error] [pid 28031:tid 140058785539840] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 21:56:19.544729 2021] [proxy_http:error] [pid 28031:tid 140058785539840] [client 95.112.126.132:55060] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net
[Mon Feb 15 21:56:23.380990 2021] [proxy:error] [pid 28032:tid 140057390339840] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 21:56:23.385069 2021] [proxy_http:error] [pid 28032:tid 140057390339840] [client 95.112.126.132:55061] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net
[Mon Feb 15 22:33:11.636602 2021] [proxy:error] [pid 28032:tid 140057398732544] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:33:11.640301 2021] [proxy_http:error] [pid 28032:tid 140057398732544] [client 95.112.126.132:63201] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net
[Mon Feb 15 22:33:43.380548 2021] [proxy:error] [pid 28032:tid 140058802341632] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:33:43.380581 2021] [proxy_http:error] [pid 28032:tid 140058802341632] [client 95.112.126.132:63213] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net, referer: https://fritz.mydomain.de/
[Mon Feb 15 22:33:46.964153 2021] [proxy:error] [pid 28031:tid 140058760337152] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:33:46.964195 2021] [proxy_http:error] [pid 28031:tid 140058760337152] [client 95.112.126.132:63214] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net
[Mon Feb 15 22:34:18.713061 2021] [proxy:error] [pid 28031:tid 140057935603456] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:34:18.713108 2021] [proxy_http:error] [pid 28031:tid 140057935603456] [client 95.112.126.132:63217] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net, referer: https://fritz.mydomain.de/
[Mon Feb 15 22:34:21.013092 2021] [proxy:error] [pid 28032:tid 140058195646208] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:34:21.013133 2021] [proxy_http:error] [pid 28032:tid 140058195646208] [client 95.112.126.132:63218] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net
[Mon Feb 15 22:34:52.757677 2021] [proxy:error] [pid 28032:tid 140058304685824] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:34:52.757761 2021] [proxy_http:error] [pid 28032:tid 140058304685824] [client 95.112.126.132:63228] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net, referer: https://fritz.mydomain.de/
[Mon Feb 15 22:34:59.412730 2021] [proxy:error] [pid 28032:tid 140057390339840] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:34:59.412820 2021] [proxy_http:error] [pid 28032:tid 140057390339840] [client 95.112.126.132:63234] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net
[Mon Feb 15 22:35:03.252610 2021] [proxy:error] [pid 28031:tid 140057893639936] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:35:03.252696 2021] [proxy_http:error] [pid 28031:tid 140057893639936] [client 95.112.126.132:63235] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net
[Mon Feb 15 22:35:35.259744 2021] [proxy:error] [pid 28032:tid 140058304685824] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:35:35.259836 2021] [proxy_http:error] [pid 28032:tid 140058304685824] [client 95.112.126.132:63265] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net, referer: https://fritz.mydomain.de/
[Mon Feb 15 22:37:02.036916 2021] [proxy:error] [pid 28031:tid 140058777138944] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:37:02.037007 2021] [proxy_http:error] [pid 28031:tid 140058777138944] [client 95.112.126.132:63268] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net
[Mon Feb 15 22:37:33.782489 2021] [proxy:error] [pid 28032:tid 140058785539840] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:37:33.782578 2021] [proxy_http:error] [pid 28032:tid 140058785539840] [client 95.112.126.132:63270] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net, referer: https://fritz.mydomain.de/
[Mon Feb 15 22:43:03.764983 2021] [proxy:error] [pid 28032:tid 140058785539840] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:43:03.765070 2021] [proxy_http:error] [pid 28032:tid 140058785539840] [client 95.112.126.132:63374] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net
[Mon Feb 15 22:43:35.510156 2021] [proxy:error] [pid 28032:tid 140058170468096] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:43:35.510243 2021] [proxy_http:error] [pid 28032:tid 140058170468096] [client 95.112.126.132:63377] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net, referer: https://fritz.mydomain.de/
[Mon Feb 15 22:44:58.453392 2021] [proxy:error] [pid 28031:tid 140058396972800] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:44:58.453496 2021] [proxy_http:error] [pid 28031:tid 140058396972800] [client 95.112.126.132:63382] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net
[Mon Feb 15 22:45:30.198467 2021] [proxy:error] [pid 28031:tid 140058777138944] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:45:30.198560 2021] [proxy_http:error] [pid 28031:tid 140058777138944] [client 95.112.126.132:63432] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net, referer: https://fritz.mydomain.de/
[Mon Feb 15 22:57:20.085204 2021] [proxy:error] [pid 28032:tid 140058760337152] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:57:20.085305 2021] [proxy_http:error] [pid 28032:tid 140058760337152] [client 95.112.126.132:63669] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net
[Mon Feb 15 22:57:51.829069 2021] [proxy:error] [pid 28031:tid 140058802341632] (113)No route to host: AH00957: HTTP: attempt to connect to 77.6.248.87:80 (myfritzdomain.myfritz.net) failed
[Mon Feb 15 22:57:51.829157 2021] [proxy_http:error] [pid 28031:tid 140058802341632] [client 95.112.126.132:63685] AH01114: HTTP: failed to make connection to backend: myfritzdomain.myfritz.net, referer: https://fritz.mydomain.de/
Sadly I can't see how they are helping me to solve this issue.
1 Like
griffin
February 15, 2021, 10:11pm
4
Welcome to the Let's Encrypt Community, Simon
What says this?
sudo apachectl -S
2 Likes
_az
February 15, 2021, 10:14pm
5
sim0nw0lf:
No route to host
That the networking error right there, which comes from the operating system when it tries to connect to the other machine.
This looks like a local networking issue to me more than anything. I don't think that your certificate or Apache setup has any problems.
I realize that doesn't make it simpler to solve, sorry .
3 Likes
griffin
February 15, 2021, 10:15pm
6
I agree @_az . Figure it's a hardcoded IP address in an unreserved DHCP setup.
2 Likes
Thanks
This is the output, I am masking my domain if you dont mind
root@filme-server:/etc/apache2/sites-available# sudo apachectl -S
VirtualHost configuration:
*:80 is a NameVirtualHost
default server bazarr.mydomain.de (/etc/apache2/sites-enabled/bazarr.conf:1)
port 80 namevhost bazarr.mydomain.de (/etc/apache2/sites-enabled/bazarr.conf:1)
port 80 namevhost cloud.mydomain.de (/etc/apache2/sites-enabled/cloud.conf:1)
port 80 namevhost simonwolf.ddns.net (/etc/apache2/sites-enabled/filme-Server_weiterleitung.conf:1)
port 80 namevhost fritz.mydomain.de (/etc/apache2/sites-enabled/fritz.conf:1)
port 80 namevhost filme.mydomain.de (/etc/apache2/sites-enabled/jellyfin.conf:1)
port 80 namevhost radarr.mydomain.de (/etc/apache2/sites-enabled/radarr.conf:1)
port 80 namevhost sonarr.mydomain.de (/etc/apache2/sites-enabled/sonarr.conf:1)
port 80 namevhost usenet.mydomain.de (/etc/apache2/sites-enabled/usenet.conf:1)
port 80 namevhost wunsch.mydomain.de (/etc/apache2/sites-enabled/wunsch.conf:1)
*:443 is a NameVirtualHost
default server bazarr.mydomain.de (/etc/apache2/sites-enabled/bazarr.conf:10)
port 443 namevhost bazarr.mydomain.de (/etc/apache2/sites-enabled/bazarr.conf:10)
port 443 namevhost cloud.mydomain.de (/etc/apache2/sites-enabled/cloud.conf:8)
port 443 namevhost simonwolf.ddns.net (/etc/apache2/sites-enabled/filme-Server_weiterleitung.conf:19)
port 443 namevhost fritz.mydomain.de (/etc/apache2/sites-enabled/fritz.conf:10)
port 443 namevhost filme.mydomain.de (/etc/apache2/sites-enabled/jellyfin.conf:17)
port 443 namevhost radarr.mydomain.de (/etc/apache2/sites-enabled/radarr.conf:10)
port 443 namevhost sonarr.mydomain.de (/etc/apache2/sites-enabled/sonarr.conf:10)
port 443 namevhost usenet.mydomain.de (/etc/apache2/sites-enabled/usenet.conf:10)
port 443 namevhost wunsch.mydomain.de (/etc/apache2/sites-enabled/wunsch.conf:11)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex watchdog-callback: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33
1 Like
I can't really follow you at this point, because I know too little about networking but I can tell you that the Adress I am trying to connect to is a myfritz adress from my fritz box. It was provided from the MyFritz service within the settings if that helps in any way
1 Like
griffin
February 15, 2021, 10:23pm
9
Are you able to ping 192.168.178.71
?
1 Like
yes, I have several other sites running on this server and they all work fine.
I just replaced the myfritz adress with fritz.box and that works without issues.
It's not really what I wanted to do becaue then I can not login with my myfritz account but instead I have to use the default fritzbox password...
Is it maybe the redirect method? This myfritz adress is not an internal adress as far as I know. Is that an issue?
griffin
February 15, 2021, 10:29pm
11
This seems no bueno:
The bold is the problem. Hence the 503 error code.
1 Like
griffin
February 15, 2021, 10:31pm
12
My guess is there is something goofy in your reverse proxy setup.
2 Likes
You are right, there was!
I think I just now understood what the issue was:
This adress I was trying to connect to was an external adress and the option "ProxyPreserveHost" was turned on! That means it went into the same reverse proxy config again.
I removed this option so that my fritzbox can recognize its hostname and redirect it to itself as it should and that worked!
The only thing I am wondering about is why it even worked sometimes
Thanks for your help!
2 Likes
griffin
February 15, 2021, 10:51pm
14
sim0nw0lf:
Thanks for your help!
You're quite welcome.
A very good question indeed!
2 Likes
system
Closed
March 17, 2021, 10:51pm
15
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.