Why does my old server still get traffic over 2 weeks after changing the domain IP?

We changed the IP of our domain (autobizline.com) from 3.131.82.73 to 3.19.28.155 on GoDaddy.

The servers are all hosted on Amazon EC2. However, after 2 weeks we are still seeing traffic go to the old server. The new server also receives traffic. The domain A record is indeed updated already.

Is it possibly related to the certbot configuration? I suppose this should be updated within 48 hours, but it's already been 2 weeks. Is there any way to make all traffic go to the new server?

Thanks!

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: autobizline.com

I ran this command: I updated the IP of the domain on GoDaddy

It produced this output:

My web server is (include version): nginx/1.14.0

The operating system my web server runs on is (include version): ubuntu 18

My hosting provider, if applicable, is: GoDaddy and Amazon EC2

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): GoDaddy

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.27.0

What kind of traffic? How is that related to Let's Encrypt?

3 Likes

The users' request traffic to the domain. We don't understand why the traffic is still going to the old server and we just want to reach out to Let's Encrypt to see if you guys have met similar issues. Any suggestions?

Hi @Richard88,

That's an interesting problem, but I don't think it can be related to Let's Encrypt. The certificate does not specify an IP address (anywhere) and the Let's Encrypt service does not reveal a subscriber's server's IP address (anywhere). (A certificate for a domain name is independent of IP address and can be validly used on any server with that name, regardless of its IP address.) So, there is no way that end users of the site could be getting this outdated information from Let's Encrypt.

My guess would be that there is a DNS cache somewhere that (for some reason) is still serving out-of-date information. This might be an ISP, or a corporate or national firewall, or something. I don't know why it would serve such out-of-date information, but it might be helpful to make sure that your overall DNS configuration is correct in other regards, and also to look for patterns in the IP addresses of the users who are connecting to the wrong server.

Still another case (which is very speculative and which I haven't seen before) is that some of the users' devices could be infected with malware which for some reason is controlling their DNS lookups but giving them out-of-date information.

If you can't figure this out, I would suggest asking on a general system administration forum. It's just very unlikely that this is connected to Let's Encrypt due to Let's Encrypt's technology not being involved in the process of delivering sites' IP addresses to end users.

4 Likes

Thank you so much, Seth and Osiris. It's very helpful all the same. Correct, it's not related to Let's Encrypt. We will check more and try to see what part is the issue.

2 Likes

Agree with the others but are you sure it's "regular" users connecting using your domain name?

Your old server could be reached by IP address directly. Or indirectly using the symbolic name EC2 instances have.

1 Like
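One way to run the checks suggested in the replies above on the old server (an added example, not code from any poster in the thread): classify each nginx access-log request by the Host header the client sent, and collect the client IPs per class so patterns stand out. It assumes a `log_format` that appends `"$http_host"` to nginx's combined format, which is not the default; the log lines, including the EC2 hostname, are constructed.

```python
import re
from collections import Counter, defaultdict

DOMAIN = "autobizline.com"  # the domain named in the thread

# Assumption: access_log uses "combined" with "$http_host" appended (not the default).
LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ '
    r'"[^"]*" "[^"]*" "(?P<host>[^"]*)"$'
)

# Constructed sample lines; client addresses come from documentation ranges.
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0" "autobizline.com"
198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "GET /login HTTP/1.1" 200 900 "-" "Mozilla/5.0" "www.autobizline.com"
203.0.113.50 - - [01/Jan/2024:10:01:00 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.58.0" "3.131.82.73"
203.0.113.51 - - [01/Jan/2024:10:02:00 +0000] "GET /robots.txt HTTP/1.1" 404 162 "-" "ExampleBot/1.0" "ec2-3-131-82-73.us-east-2.compute.amazonaws.com"
203.0.113.52 - - [01/Jan/2024:10:03:00 +0000] "GET / HTTP/1.0" 200 612 "-" "-" "-"
"""

def classify_host(host):
    """Label how a client addressed the old server, from its Host header."""
    host = host.strip().lower()
    if host in ("", "-"):
        return "no-host"
    name = host.split(":", 1)[0]  # drop an optional :port
    if host.startswith("[") or re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", name):
        return "direct-ip"  # bracketed IPv6 literal or dotted-quad IPv4
    if name == DOMAIN or name.endswith("." + DOMAIN):
        return "domain"  # used the name: stale DNS answer or long-lived connection
    if name.endswith(".amazonaws.com"):
        return "ec2-name"
    return "other"

def summarize(log_text):
    """Return (request count per label, set of client IPs per label)."""
    counts, clients = Counter(), defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            label = classify_host(m["host"])
            counts[label] += 1
            clients[label].add(m["client"])
    return counts, clients

if __name__ == "__main__":
    counts, clients = summarize(SAMPLE_LOG)
    for label, n in counts.most_common():
        print(f"{label:10} {n:3} requests from {sorted(clients[label])}")
```

Only the `domain` rows point at name resolution; clients in the other classes never looked up the domain, so a DNS change cannot move them.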

Persistent connections?

Have you rebooted the old server?

1 Like
