IPv6 Request Responding with 403...

This is a strange one.

Last night, I decided to migrate my websites to a CentOS 7 server in London. I installed Centminmod on it and all is well.

I copied the web files and the config files other and everything appeared to work... However, when a website is requested using IPv6, it returns a 403 error.

This happens for all domains.

It worked fine on the old server... Any idea where I should look? There's nothing in the global access/error logs or the access/error logs for the relevant site...

Liam

 

Hmm, now I don't think it's a 403. I think it can't actually connect at all:

Code (Text):

[liam@maim ~]$ wget xf-liam.com

URL transformed to HTTPS due to an HSTS policy

--2016-11-21 15:37:42--  Products | XF Liam

Resolving xf-liam.com (xf-liam.com)... 2a06:8ec0:3::1:c8cb, 185.117.22.190

Connecting to xf-liam.com (xf-liam.com)|2a06:8ec0:3::1:c8cb|:443... failed: Permission denied.

Connecting to xf-liam.com (xf-liam.com)|185.117.22.190|:443... connected.

HTTP request sent, awaiting response... 303 See Other

Location: Products | XF Liam [following]

--2016-11-21 15:37:43--  Products | XF Liam

Reusing existing connection to xf-liam.com:443.

HTTP request sent, awaiting response... 200 OK

Length: 64494 (63K) [text/html]

Saving to: ‘index.html.1’


index.html.1                                       100%[================================================================================================================>]  62.98K   384KB/s    in 0.2s 


2016-11-21 15:37:43 (384 KB/s) - ‘index.html.1’ saved [64494/64494]

Netstat shows that nginx is listening to ipv6:

Code (Text):

[root@crucio xf-liam.com]# sudo netstat -plnt

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name 

tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN      812/redis-server 12

tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      32523/nginx: master

tcp        0      0 127.0.0.1:8080          0.0.0.0:*               LISTEN      2602/unicorn master

tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1455/master      

tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      32523/nginx: master

tcp        0      0 0.0.0.0:453             0.0.0.0:*               LISTEN      3753/sshd        

tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      1052/php-fpm: maste

tcp6       0      0 :::3306                 :::*                    LISTEN      1561/mysqld      

tcp6       0      0 :::80                   :::*                    LISTEN      32523/nginx: master

tcp6       0      0 ::1:25                  :::*                    LISTEN      1455/master      

tcp6       0      0 :::443                  :::*                    LISTEN      32523/nginx: master

tcp6       0      0 :::453                  :::*                    LISTEN      3753/sshd        

I tried disabling the firewall and same error.

The strangest thing is that it works if requested locally on the server directly.

 

I'm an idiot. I forgot to enable IPv6 in CSF...

Liam