Welcome to Centmin Mod Community
Become a Member

Nginx Port 80 is not listening

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by Afaq, Dec 21, 2015.

Tags:
  1. Afaq

    Afaq Member

    42
    1
    8
    Aug 5, 2015
    Ratings:
    +2
    Local Time:
    5:29 AM
    I just moved my magento site to a new server. Both are running Centmin. After moving, the website was working. I restarted the Nginx and it stopped working. Nginx is working fine but website is not opening. Chrome is giving Connection Refused error. Server pings fine but telnet on the port 80 says that the port could not be opened to connection. I've tried pretty much everything i.e. restarting nginx, reinstalling nginx, rebooting server etc. Nothing worked. Since FTP and SSH is working fine I think it could be due to my nginx or vhost config file. Here are my files, can anyone please check whats the issue:
    nginx conf:
    Code:
    user              nginx nginx;
    worker_processes 3;
    worker_priority -10;
    
    worker_rlimit_nofile 260000;
    timer_resolution 100ms;
    
    pcre_jit on;
    
    pid         logs/nginx.pid;
    
    events {
        worker_connections  4096;
        accept_mutex on;
        accept_mutex_delay 200ms;
        use epoll;
        #multi_accept on;
    }
    
    http {
    limit_req_zone $binary_remote_addr zone=xwplogin:16m rate=40r/m;
    #limit_conn_zone $binary_remote_addr zone=xwpconlimit:16m;
    
    more_set_headers "Server: nginx centminmod";
    
    include /usr/local/nginx/conf/vts_http.conf;
    include /usr/local/nginx/conf/geoip.conf;
    include /usr/local/nginx/conf/pagespeedadmin.conf;
    include /usr/local/nginx/conf/fastcgi_param_https_map.conf;
    
    log_format      main    '$remote_addr - $remote_user [$time_local] $request '
                    '"$status" $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for" "$gzip_ratio"'
                    ' "$connection" "$connection_requests" "$request_time"';
    
    map $scheme $fastcgi_https {
    default off;
    https on;
    }
    
    access_log  logs/access.log combined buffer=128k flush=5m;
    error_log   logs/error.log warn;
    
        index  index.php index.html index.htm;
        include       mime.types;
        default_type  application/octet-stream;
        charset utf-8;
    
            sendfile on;
            sendfile_max_chunk 512k;
            tcp_nopush  on;
            tcp_nodelay on;
            server_tokens off;
            server_name_in_redirect off;
          
            keepalive_timeout  8;
            keepalive_requests 1000;
            lingering_time 20s;
            lingering_timeout 5s;
            keepalive_disable msie6;
    
        gzip on;
        gzip_vary   on;
        gzip_disable "MSIE [1-6]\.";
            gzip_static on;
            gzip_min_length   1400;
            gzip_buffers      32 8k;
            gzip_http_version 1.0;
            gzip_comp_level 5;
            gzip_proxied    any;
            gzip_types text/plain text/css text/xml application/javascript application/x-javascript application/xml application/xml+rss application/ecmascript application/json image/svg+xml;
    
    client_body_buffer_size 256k;
    client_body_in_file_only off;
    client_body_timeout 10s;
    client_header_buffer_size 64k;
    ## how long a connection has to complete sending
    ## it's headers for request to be processed
    client_header_timeout  8s;
    client_max_body_size 50m;
    connection_pool_size  512;
    directio  4m;
    ignore_invalid_headers on;     
    large_client_header_buffers 8 64k;
    output_buffers   8 256k;
    postpone_output  1460;
    proxy_temp_path  /tmp/nginx_proxy/;
    request_pool_size  32k;
    reset_timedout_connection on;
    send_timeout     15s;
    types_hash_max_size 2048;
    server_names_hash_bucket_size 64;
    
    # for nginx proxy backends to prevent redirects to backend port
    # port_in_redirect off;
    
    open_file_cache max=50000 inactive=60s;
    open_file_cache_valid 120s;
    open_file_cache_min_uses 2;
    open_file_cache_errors off;
    open_log_file_cache max=10000 inactive=30s min_uses=2;
    
    ## limit number of concurrency connections per ip to 16
    ## add to your server {} section the next line
    ## limit_conn limit_per_ip 16;
    ## uncomment below line allows 500K sessions
    # limit_conn_log_level error;
    #######################################
    # use limit_zone for Nginx <v1.1.7 and lower
    # limit_zone $binary_remote_addr zone=limit_per_ip:16m;
    #######################################
    # use limit_conn_zone for Nginx >v1.1.8 and higher
    # limit_conn_zone $binary_remote_addr zone=limit_per_ip:16m;
    #######################################
    
    #include /usr/local/nginx/conf/conf.d/*.conf;
    }

    vhost conf:
    Code:
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    
    # redirect from non-www to www
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    server {
                listen   80;
                server_name domain.com;
                return 301 $scheme://www.domain.com$request_uri;
           }
    
    server {
      listen 80;
      server_name .domain.com;
    
    
    # ngx_pagespeed & ngx_pagespeed handler
    include /usr/local/nginx/conf/pagespeed.conf;
    include /usr/local/nginx/conf/pagespeedhandler.conf;
    include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/domain.com/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/domain.com/log/error.log;
    
      root /home/nginx/domains/domain.com/public;
    
      # prevent access to ./directories and files
      location ~ (?:^|/)\. {
       deny all;
      } 
    
      location / {
    
    # block common exploits, sql injections etc
    #include /usr/local/nginx/conf/block.conf;
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # Shows file listing times as local time
      #autoindex_localtime on;
    
      # Enable for vBulletin usage WITHOUT vbSEO installed
      # More example Nginx vhost configurations at
      # http://centminmod.com/nginx_configure.html
      try_files        $uri $uri/ @handler;
      index index.html index.php;
      expires 30d;
    
      }
    
    location @handler {
    rewrite / /index.php;
    }
    
    location ~ .php/ {
       rewrite ^(.*.php)/ $1 last;
    }
    
    location ~ .php$ {
    #if(!-e $request_filename) {
    #  rewrite / /index.php last;
    #}
    
    expires  off;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_param HTTPS $fastcgi_https;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param MAGE_RUN_CODE default;
    fastcgi_param MAGE_RUN_TYPE store;
    include fastcgi_params;
    }
    
    # include /usr/local/nginx/conf/staticfiles.conf;
    # include /usr/local/nginx/conf/php.conf;
    # include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
    # include /usr/local/nginx/conf/vts_server.conf;
    }
    
    

     
  2. eva2000

    eva2000 Administrator Staff Member

    28,987
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,767
    Local Time:
    10:29 AM
    Nginx 1.13.x
    MariaDB 5.5
    web host ? some have their own firewall at a level above the server i.e. Amazon EC2 and PhoenixNap Secure Cloud so need to punch a whole in their respective firewalls for ports as well or turn off those firewalls if you can

    also verify csf whitelisted ports via command
    Code:
    egrep '^TCP_|^TCP6_|^UDP_|^UDP6_' /etc/csf/csf.conf
    CSF Firewall - CentminMod.com LEMP Nginx web stack for CentOS
     
  3. Afaq

    Afaq Member

    42
    1
    8
    Aug 5, 2015
    Ratings:
    +2
    Local Time:
    5:29 AM
    I am on OVH dedicated server.

    This is what above commands returns:
    Code:
    TCP_IN = "20,21,22,25,53,80,110,143,161,443,465,587,993,995,1110,1186,1194,2112,22000,22001,2222,3000,3334,8080,8888,81,9312,9418,6081,6082,30865,3000:3050"
    TCP_OUT = "993,995,465,587,1110,1194,9418,20,21,22,25,53,80,110,113,443,587,993,995"
    UDP_IN = "67,68,1110,33434:33534,20,21,53"
    UDP_OUT = "67,68,1110,33434:33534,20,21,53,113,123"
    TCP6_IN = "20,21,22,25,53,80,110,143,161,443,465,587,993,995,1110,1186,1194,2112,22000,22001,2222,3000,3334,8080,8888,81,9312,9418,6081,6082,30865,3000:3050"
    TCP6_OUT = "993,995,465,587,20,21,22,25,53,80,110,113,443,587,993,995"
    UDP6_IN = "20,21,53"
    UDP6_OUT = "20,21,53,113,123"
    
    
     
  4. eva2000

    eva2000 Administrator Staff Member

    28,987
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,767
    Local Time:
    10:29 AM
    Nginx 1.13.x
    MariaDB 5.5
    looks good to me, try curl run from another server to your problematic yourdomain.com

    test against http port 80 and if ssl is enabled against https port 443 and with k option to ignore selfsigned ssl certificate errors if you have that configured
    Code:
    curl -I http://yourdomain.com:80
    curl -I https://yourdomain.com:443
    curl -Ik https://yourdomain.com:443
     
  5. Afaq

    Afaq Member

    42
    1
    8
    Aug 5, 2015
    Ratings:
    +2
    Local Time:
    5:29 AM
    This is what returns:
    curl: (7) Failed connect to sixtysix.clothing:80; Connection refused

    I've not configured ssl.
     
  6. eva2000

    eva2000 Administrator Staff Member

    28,987
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,767
    Local Time:
    10:29 AM
    Nginx 1.13.x
    MariaDB 5.5
    grep your CSF firewall to check if your ip or the server you're testing from has been blocked in CSF firewall

    Code:
    csf -h
    Code:
    csf -g ipaddress
    where ipaddress is your testing server you ran curl from or your local PC ipaddress

    or online tools header check HTTP Header Check with an online CURL tool
     
  7. Afaq

    Afaq Member

    42
    1
    8
    Aug 5, 2015
    Ratings:
    +2
    Local Time:
    5:29 AM
    This with my testing server's IP address says no matches found in the ip tables.
     
  8. eva2000

    eva2000 Administrator Staff Member

    28,987
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,767
    Local Time:
    10:29 AM
    Nginx 1.13.x
    MariaDB 5.5
    Maybe try restarting csf firewall ?
    Code:
    csf -r
     
  9. eva2000

    eva2000 Administrator Staff Member

    28,987
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,767
    Local Time:
    10:29 AM
    Nginx 1.13.x
    MariaDB 5.5
    oh i see a possible problem you redirect non-www to www but your listening server server_name = .domain.com and not www.domain.com