Question

Broken wordpress/web server after setting up openVPN

I had a functioning wordpress multisite droplet (IP: 188.166.85.97) and installed openVPN following the instructions in this page:

https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-14-04

Now I realized that my webserver is not responding (I cannot open any page). Same thing has happened to the wordpress, it is either broken or not repsonding.

My main concern is to have my webserver&wordpress back to life. I do not mind to disable or undo the openVPN installation.

I did not find much information about conflict between openVPN and wordpress instalation. I am even not sure if I understand what has gone wrong. Can anyone advice please?

Subscribe
Share

I can’t really say for sure what your solution is, but I can try to make poor assumptions about your problem. Is SSH even working? If not, it sounds as if your OpenVPN installation totally boned your firewall settings and locked out all traffic. You’ll probably need to use your console to fix it.

I’ve this problem exactly. see https://www.digitalocean.com/community/tutorials/how-to-setup-a-firewall-with-ufw-on-an-ubuntu-and-debian-cloud-server my problem solved via typing sudo ufw allow 80/tcp you can use this code for every port you want

Its your ufw rules causing that issue. There is a good chance that you just copy pasted this code in your

/etc/ufw/before.rules


#
# rules.before
#
# Rules that should be run before the ufw command line added rules. Custom
# rules should be added to one of these chains:
#   ufw-before-input
#   ufw-before-output
#   ufw-before-forward
#

# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0] 
# Allow traffic from OpenVPN client to wlp11s0 (change to the interface you discovered!)
-A POSTROUTING -s 10.8.0.0/8 -o wlp11s0 -j MASQUERADE
COMMIT
# END OPENVPN RULES

# Don't delete these required lines, otherwise there will be errors
*filter

but if u see clearly -A POSTROUTING line has wlp11s0 but if your droplet is probably using eth0. change that and it will work. I did the same thing. I didn’t notice it at the first time.

you can check the correct value by

ip route | grep default

which gives something like

default via 139.59.32.1 dev eth0 onlink

the interface name is eth0 in my case.

I’m having the same problem!

I can connect via SSH, and I guess you are right about the possible firewall issue.


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

@roozfeiz

You’re still able to SSH in to the Droplet, correct? If so, login to the CLI and run:

sudo killall -9 openvpn

and then restart Apache. What the above command does is simply terminate all OpenVPN processes that may be running, effectively shutting it down.

You can confirm this by issuing the command:

top

and then pressing SHIFT+M followed by C (as in the letter) on your keyboard. This sorts processes by RAM usage and then expands the process in the far right column so that you can see everything that’s running in detail. If it’s running, you’ll either see the user associated with your OpenVPN config in the far left column or the OpenVPN process in the far right.

If you see OpenVPN still running, while still in top, press k and find the ID of the process in the far left column, type it in and hit enter. You’ll be asked how to kill it off, simply hit enter (leaving it blank). If that doesn’t work, run the same again and enter -9 or 15.

Once you run the above and restart Apache, let me know if you’re up and running. If not, please run top, press SHIFT+M followed by C and upload a screenshot to imgur or another image hosting service and link to it in your reply.