output for netstat -tulpn | grep :80 netstat -tulpn | grep :443
Code: [16:08][root@instance-2 conf]# netstat -tulpn | grep :80 tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 21086/varnishd tcp6 0 0 :::80 :::* LISTEN 21086/varnishd Nothing on 443 as Nginx is not started
I even rebooted the whole VPS, no good -I also opened 8080 port in CSF and google firewall - Looks like there is something in the setup it shall be Nginx 443 on front and varnish is behind on port 80
I changed the varnish port from 80 to 81 and the proxy url in nginx vhost to 81 too however curl gives this: Code: HTTP/1.1 200 OK Date: Wed, 03 May 2017 16:43:01 GMT Content-Type: text/html; charset=utf-8 Content-Length: 3801 Last-Modified: Sun, 19 Mar 2017 21:10:27 GMT Connection: keep-alive Vary: Accept-Encoding ETag: "58cef3c3-ed9" Server: nginx centminmod X-Powered-By: centminmod Expires: Thu, 04 May 2017 16:43:01 GMT Cache-Control: max-age=86400 Cache-Control: public, must-revalidate, proxy-revalidate Accept-Ranges: bytes
now I have these ports mapped: Code: tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 699/varnishd tcp6 0 0 :::81 :::* LISTEN 699/varnishd [16:56][root@instance-2 ahmedalshaarawy]# netstat -tulpn | grep :443 tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1331/nginx: master [16:56][root@instance-2 ahmedalshaarawy]# netstat -tulpn | grep :8080 tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 1331/nginx: master
I receive 403 Forbidden LOOKS LIKE IT IS TOO COMPLICATED UPDATE: I think the problem is in varnish curl: (7) Failed connect to 1.1.1.1.1:81; Connection timed out
yes I did that, and now on chrom I got: ERR_TOO_MANY_REDIRECTS And this curl: Code: [17:40][root@instance-2 ahmed]# curl -I my-ip-address:443 HTTP/1.1 400 Bad Request Date: Wed, 03 May 2017 17:41:40 GMT Content-Type: text/html; charset=utf-8 Content-Length: 264 Connection: close Server: nginx centminmod X-Powered-By: centminmod [17:41][root@instance-2 ahmed]# curl -I my-ip-address:81 HTTP/1.1 200 OK Date: Wed, 03 May 2017 17:41:47 GMT Content-Type: text/html; charset=utf-8 Last-Modified: Sun, 19 Mar 2017 21:10:27 GMT Vary: Accept-Encoding ETag: W/"58cef3c3-ed9" Expires: Thu, 04 May 2017 17:41:47 GMT Cache-Control: max-age=86400, public, must-revalidate, proxy-revalidate Age: 0 X-Cache: MISS X-Cache-Hits: 0 Accept-Ranges: bytes Connection: keep-alive [17:41][root@instance-2 ahmed]# curl -I my-ip-address:8080 HTTP/1.1 403 Forbidden Date: Wed, 03 May 2017 17:41:52 GMT Content-Type: text/html; charset=utf-8 Content-Length: 162 Connection: keep-alive Server: nginx centminmod X-Powered-By: centminmod [17:41][root@instance-2 ahmed]# curl -I my-ip-address:80 HTTP/1.1 200 OK Date: Wed, 03 May 2017 17:42:02 GMT Content-Type: text/html; charset=utf-8 Content-Length: 3801 Last-Modified: Sun, 19 Mar 2017 21:10:27 GMT Connection: keep-alive Vary: Accept-Encoding ETag: "58cef3c3-ed9" Server: nginx centminmod X-Powered-By: centminmod Expires: Thu, 04 May 2017 17:42:02 GMT Cache-Control: max-age=86400 Cache-Control: public, must-revalidate, proxy-revalidate Accept-Ranges: bytes
looks like Im close, now Im started to see 503 errors with varnish signature Error 503 Backend fetch failed Backend fetch failed Guru Meditation: XID: 32774 Varnish cache server
I guess I need to solve this and I'm all set: [17:53][root@instance-2 ahmedalshaarawy]# curl -I my-ip:8080 HTTP/1.1 403 Forbidden Date: Wed, 03 May 2017 17:53:51 GMT Content-Type: text/html; charset=utf-8 Content-Length: 162 Connection: keep-alive Server: nginx centminmod X-Powered-By: centminmod
this is the server block for the port 8080 Code: server { listen 8080; server_name domain.com www.domain.com; index index.php; port_in_redirect off; location / { try_files $uri $uri/ /index.php?$args; } location ~ \.php$ { try_files $uri =404; } }
Looks like the problem now is within varnish VCL etc... I got this debug repor: Code: Debug: Child cleanup complete Debug: Child (2217) Started Info: Child (2217) said Child starts Error: Child (2217) died signal=6 Error: Child (2217) Panic at: Wed, 03 May 2017 18:54:33 GMT Assert error in vca_acct(), cache/cache_acceptor.c line 539: Condition((listen(ls->sock, cache_param->listen_depth)) == 0) not true. version = varnish-5.1.1 revision de38712, vrt api = 6.0 ident = Linux,3.10.0-514.10.2.el7.x86_64,x86_64,-junix,-smalloc,-smalloc,-hcritbit,epoll now = 872.763238 (mono), 1493837673.824164 (real) Backtrace: 0x439397: varnishd() [0x439397] 0x415e55: varnishd() [0x415e55] 0x7f36b5aebdc5: /lib64/libpthread.so.0(+0x7dc5) [0x7f36b5aebdc5] 0x7f36b581a73d: /lib64/libc.so.6(clone+0x6d) [0x7f36b581a73d] errno = 98 (Address already in use) thread = (cache-acceptor) thr.req = (nil) { }, thr.busyobj = (nil) { },
--- Finally some progress However the nginx 403 is the issue: Code: Connecting to DOMAIN.COM|1.1.1.1.1.|:443... connected. HTTP request sent, awaiting response... HTTP/1.1 403 Forbidden Date: Wed, 03 May 2017 19:32:02 GMT Content-Type: text/html; charset=utf-8 Content-Length: 162 Connection: keep-alive X-Powered-By: centminmod Vary: Accept-Encoding X-Varnish: 32779 3 Age: 14 Via: 1.1 varnish (Varnish/5.1) X-Cache: HIT Server: nginx centminmod 2017-05-03 19:32:02 ERROR 403: Forbidden.
and the debug of varnishd -F -f /etc/varnish/default.vcl shows: Error: Could not get socket :80: Address already in use (-? gives usage) although I dont point it at all into varnish looks like this is the main issue the port 80 thing !!!! uPDATE: still have the 403 error, although the port 80 now is used by varnish
this is nginx error logs: Code: 2017/05/03 19:40:25 [error] 1786#1786: *339 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 0000000, server: domain.com, requ$ 2017/05/03 19:45:24 [error] 3069#3069: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 0000000, server: domain.com, request: "GET / HTTP/1.1"$