Question

Docker containers are up and running but website throws a HTTP 403 / 502

So I’ve managed to get my containers up and running for my Django app, pretty sure this is coming from the server itself.

Django-admin app, with Nginx, Gunicorn and PostgreSQL. Droplet - 1 GB / 25 GB Disk / FRA1 - Ubuntu 20.04 (LTS) x64. DomainName bought at GoDaddy.

Screenshot of the webpage.

HTTPstatus.io response details

Status code

403

Status message

Forbidden

Response headersView body

* ServerSucuri/Cloudproxy
* DateThu, 09 Feb 2023 19:28:19 GMT
* Content-Typetext/html
* Transfer-Encodingchunked
* Connectionclose
* X-Sucuri-Id19040
* X-Xss-Protection1; mode=block
* X-Frame-OptionsSAMEORIGIN
* X-Content-Type-Optionsnosniff
* Content-Security-Policyupgrade-insecure-requests;
* X-Sucuri-BlockDDOS22

docker ps -a

CONTAINER ID   IMAGE        COMMAND                  CREATED             STATUS                   PORTS                                       NAMES
ce55184b5f2a   html_app     "gunicorn --access-l…"   3 minutes ago       Up 3 minutes             0.0.0.0:8000->8000/tcp, :::8000->8000/tcp   html_app_1
04e39330ebac   html_nginx   "/docker-entrypoint.…"   3 minutes ago       Up 3 minutes             0.0.0.0:80->80/tcp, :::80->80/tcp           html_nginx_1
a72ce37c3e46   html_db      "docker-entrypoint.s…"   About an hour ago   Up 3 minutes (healthy)   5432/tcp                                    html_db_1

docker logs 04e39330ebac

/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf differs from the packaged version
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2023/02/09 19:21:38 [notice] 1#1: using the "epoll" event method
2023/02/09 19:21:38 [notice] 1#1: nginx/1.22.1
2023/02/09 19:21:38 [notice] 1#1: built by gcc 11.2.1 20220219 (Alpine 11.2.1_git20220219) 
2023/02/09 19:21:38 [notice] 1#1: OS: Linux 5.15.0-58-generic
2023/02/09 19:21:38 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2023/02/09 19:21:38 [notice] 1#1: start worker processes
2023/02/09 19:21:38 [notice] 1#1: start worker process 29

docker logs ce55184b5f2a

[2023-02-09 19:21:50 +0000] [1] [INFO] Starting gunicorn 20.1.0
[2023-02-09 19:21:50 +0000] [1] [INFO] Listening at: unix:/run/gunicorn.sock (1)
[2023-02-09 19:21:50 +0000] [1] [INFO] Using worker: sync
[2023-02-09 19:21:50 +0000] [7] [INFO] Booting worker with pid: 7
[2023-02-09 19:21:50 +0000] [8] [INFO] Booting worker with pid: 8
[2023-02-09 19:21:50 +0000] [9] [INFO] Booting worker with pid: 9

docker logs a72ce37c3e46

PostgreSQL Database directory appears to contain a database; Skipping initialization

LOG:  database system was shut down at 2023-02-09 19:20:16 UTC
LOG:  MultiXact member wraparound protections are now enabled
LOG:  database system is ready to accept connections
LOG:  autovacuum launcher started

cat /etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

source /etc/network/interfaces.d/*

ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether e2:d6:db:d6:3b:cb brd ff:ff:ff:ff:ff:ff
    altname enp0s3
    inet {IP_ADDRESS_OF_THE_SERVER}/20 brd {IP_ADDRESS_OF_THE_SERVER} scope global eth0
       valid_lft forever preferred_lft forever
    inet 10.19.0.6/16 brd 10.19.255.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::e0d6:dbff:fed6:3bcb/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 12:c7:32:6c:ea:10 brd ff:ff:ff:ff:ff:ff
    altname enp0s4
    inet 10.114.0.3/20 brd 10.114.15.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::10c7:32ff:fe6c:ea10/64 scope link
       valid_lft forever preferred_lft forever
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:25:6b:04:7d brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:25ff:fe6b:47d/64 scope link
       valid_lft forever preferred_lft forever
5: br-fd6471af0f27: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:77:9a:27:16 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.1/16 brd 172.18.255.255 scope global br-fd6471af0f27
       valid_lft forever preferred_lft forever

ip route

default via {IP_ADDRESS_OF_THE_SERVER} dev eth0 proto static
10.19.0.0/16 dev eth0 proto kernel scope link src 10.19.0.6
10.114.0.0/20 dev eth1 proto kernel scope link src 10.114.0.3
{IP_ADDRESS_OF_THE_SERVER}/20 dev eth0 proto kernel scope link src {IP_ADDRESS_OF_THE_SERVER}
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
172.18.0.0/16 dev br-fd6471af0f27 proto kernel scope link src 172.18.0.1 linkdown

iptables -nvL --line-numbers

Chain INPUT (policy DROP 5989 packets, 275K bytes)
num   pkts bytes target     prot opt in     out     source               destination        
1    25311 6221K ufw-before-logging-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
2    25311 6221K ufw-before-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
3     6050  278K ufw-after-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
4     5989  275K ufw-after-logging-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
5     5989  275K ufw-reject-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
6     5989  275K ufw-track-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain FORWARD (policy DROP 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination        
1     2911   32M DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
2     2911   32M DOCKER-ISOLATION-STAGE-1  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
3     1899   32M ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
4        0     0 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0          
5     1012 99653 ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0          
6        0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0          
7        0     0 ACCEPT     all  --  *      br-fd6471af0f27  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
8        0     0 DOCKER     all  --  *      br-fd6471af0f27  0.0.0.0/0            0.0.0.0/0          
9        0     0 ACCEPT     all  --  br-fd6471af0f27 !br-fd6471af0f27  0.0.0.0/0            0.0.0.0/0          
10       0     0 ACCEPT     all  --  br-fd6471af0f27 br-fd6471af0f27  0.0.0.0/0            0.0.0.0/0          
11       0     0 ufw-before-logging-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
12       0     0 ufw-before-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
13       0     0 ufw-after-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
14       0     0 ufw-after-logging-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
15       0     0 ufw-reject-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
16       0     0 ufw-track-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain OUTPUT (policy ACCEPT 11 packets, 508 bytes)
num   pkts bytes target     prot opt in     out     source               destination        
1    19429 4395K ufw-before-logging-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
2    19429 4395K ufw-before-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
3      203 18947 ufw-after-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
4      203 18947 ufw-after-logging-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
5      203 18947 ufw-reject-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
6      203 18947 ufw-track-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain DOCKER (2 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
num   pkts bytes target     prot opt in     out     source               destination        
1     1012 99653 DOCKER-ISOLATION-STAGE-2  all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0          
2        0     0 DOCKER-ISOLATION-STAGE-2  all  --  br-fd6471af0f27 !br-fd6471af0f27  0.0.0.0/0            0.0.0.0/0          
3     2911   32M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain DOCKER-ISOLATION-STAGE-2 (2 references)
num   pkts bytes target     prot opt in     out     source               destination        
1        0     0 DROP       all  --  *      docker0  0.0.0.0/0            0.0.0.0/0          
2        0     0 DROP       all  --  *      br-fd6471af0f27  0.0.0.0/0            0.0.0.0/0          
3     1012 99653 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain DOCKER-USER (1 references)
num   pkts bytes target     prot opt in     out     source               destination        
1     2911   32M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain ufw-after-forward (1 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain ufw-after-input (1 references)
num   pkts bytes target     prot opt in     out     source               destination        
1        9   702 ufw-skip-to-policy-input  udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:137
2        0     0 ufw-skip-to-policy-input  udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:138
3       10   440 ufw-skip-to-policy-input  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:139
4       42  2040 ufw-skip-to-policy-input  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:445
5        0     0 ufw-skip-to-policy-input  udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:67
6        0     0 ufw-skip-to-policy-input  udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:68
7        0     0 ufw-skip-to-policy-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type BROADCAST

Chain ufw-after-logging-forward (1 references)
num   pkts bytes target     prot opt in     out     source               destination        
1        0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-input (1 references)
num   pkts bytes target     prot opt in     out     source               destination        
1      773 37106 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-output (1 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain ufw-after-output (1 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain ufw-before-forward (1 references)
num   pkts bytes target     prot opt in     out     source               destination        
1        0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
2        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 3
3        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 11
4        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 12
5        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8
6        0     0 ufw-user-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain ufw-before-input (1 references)
num   pkts bytes target     prot opt in     out     source               destination        
1     3512 1120K ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0          
2    14755 4760K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
3       16  2203 ufw-logging-deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID
4       16  2203 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID
5        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 3
6        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 11
7        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 12
8        8   288 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8
9        0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp spt:67 dpt:68
10    7020  338K ufw-not-local  all  --  *      *       0.0.0.0/0            0.0.0.0/0          
11      32  5726 ACCEPT     udp  --  *      *       0.0.0.0/0            224.0.0.251          udp dpt:5353
12       0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            239.255.255.250      udp dpt:1900
13    6988  332K ufw-user-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain ufw-before-logging-forward (1 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain ufw-before-logging-input (1 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain ufw-before-logging-output (1 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain ufw-before-output (1 references)
num   pkts bytes target     prot opt in     out     source               destination        
1     3514 1120K ACCEPT     all  --  *      lo      0.0.0.0/0            0.0.0.0/0          
2    15712 3256K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
3      203 18947 ufw-user-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain ufw-logging-allow (0 references)
num   pkts bytes target     prot opt in     out     source               destination        
1        0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "

Chain ufw-logging-deny (2 references)
num   pkts bytes target     prot opt in     out     source               destination        
1       16  2203 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID limit: avg 3/min burst 10
2        0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-not-local (1 references)
num   pkts bytes target     prot opt in     out     source               destination        
1     6988  332K RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL
2       32  5726 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type MULTICAST
3        0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type BROADCAST
4        0     0 ufw-logging-deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10
5        0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain ufw-reject-forward (1 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain ufw-reject-input (1 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain ufw-reject-output (1 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain ufw-skip-to-policy-forward (0 references)
num   pkts bytes target     prot opt in     out     source               destination        
1        0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain ufw-skip-to-policy-input (7 references)
num   pkts bytes target     prot opt in     out     source               destination        
1       61  3182 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain ufw-skip-to-policy-output (0 references)
num   pkts bytes target     prot opt in     out     source               destination        
1        0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain ufw-track-forward (1 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain ufw-track-input (1 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain ufw-track-output (1 references)
num   pkts bytes target     prot opt in     out     source               destination        
1       11   668 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate NEW
2      181 17771 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate NEW

Chain ufw-user-forward (1 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain ufw-user-input (1 references)
num   pkts bytes target     prot opt in     out     source               destination         debug2: channel 0: window 993984 sent adjust 54592

1      801 47460 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
2      105  5215 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 80,443 /* 'dapp_Nginx%20Full' */
3       10   440 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:8000
4        2    92 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:8000
5       20  1016 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25 /* 'dapp_Postfix' */
6        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:443
7        0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:443
8        0     0 ACCEPT     tcp  --  *      *       109.221.175.158      0.0.0.0/0            tcp dpt:22
9        0     0 ACCEPT     udp  --  *      *       109.221.175.158      0.0.0.0/0            udp dpt:22

Chain ufw-user-limit (0 references)
num   pkts bytes target     prot opt in     out     source               destination        
1        0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
2        0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain ufw-user-limit-accept (0 references)
num   pkts bytes target     prot opt in     out     source               destination        
1        0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain ufw-user-logging-forward (0 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain ufw-user-logging-input (0 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain ufw-user-logging-output (0 references)
num   pkts bytes target     prot opt in     out     source               destination        

Chain ufw-user-output (1 references)
num   pkts bytes target     prot opt in     out     source               destination

ufw status verbose

Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere                  
80,443/tcp (Nginx Full)    ALLOW IN    Anywhere                  
8000                       ALLOW IN    Anywhere                  
25/tcp (Postfix)           ALLOW IN    Anywhere                  
443                        ALLOW IN    Anywhere                  
22                         ALLOW IN    109.221.175.158          
22/tcp (v6)                ALLOW IN    Anywhere (v6)            
80,443/tcp (Nginx Full (v6)) ALLOW IN    Anywhere (v6)            
8000 (v6)                  ALLOW IN    Anywhere (v6)            
25/tcp (Postfix (v6))      ALLOW IN    Anywhere (v6)            
443 (v6)                   ALLOW IN    Anywhere (v6)

cat /etc/netplan/50-cloud-init.yaml

# This file is generated from information provided by the datasource.  Changes
# to it will not persist across an instance reboot.  To disable cloud-init's
# network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
    version: 2
    ethernets:
        eth0:
            addresses:
            - {IP_ADDRESS_OF_THE_SERVER}/20
            - 10.19.0.6/16
            gateway4: {IP_ADDRESS_OF_THE_SERVER}
            match:
                macaddress: e2:d6:db:d6:3b:cb
            nameservers:
                addresses:
                - 67.207.67.3
                - 67.207.67.2
                search: []
            set-name: eth0
        eth1:
            addresses:
            - 10.114.0.3/20
            match:
                macaddress: 12:c7:32:6c:ea:10
            nameservers:
                addresses:
                - 67.207.67.3
                - 67.207.67.2
                search: []
            set-name: eth1

There’s obviously something that I missed.


Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev
Site Moderator
Site Moderator badge
February 10, 2023

Hi there,

As far as I can see from the output the 403 error that you are seeing is coming from Cloudproxy which is a service offered by GoDaddy.

What I could suggest is just using a free DigitalOcean Cloud firewall instead, that way you will have better control over of what traffic is allowed.

On another note, your Docker setup looks good, does it work if you try to access your server IP directly rather than going via the GoDaddy firewall?

Best,

Bobby

Hi Bobby! Many thanks for your really kind input!

Still struggling with this.

I’ve changed the ports at the end of my docker-compose.prod from “80:80” to “443:443”, gunicorn is not throwing any error anymore however I still have the hosting server read timeout. I’ve been jumping back and forth between Sucuri support and Digital Ocean support with no luck.

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

card icon
Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Sign up
card icon
Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We’d like to help.

Learn more
card icon
Become a contributor

You get paid; we donate to tech nonprofits.

Learn more
Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow – whether you’re running one virtual machine or ten thousand.

Learn more ->
DigitalOcean Cloud Control Panel
Get started for free

Enter your email to get $200 in credit for your first 60 days with DigitalOcean.

New accounts only. By submitting your email you agree to our Privacy Policy.

© 2023 DigitalOcean, LLC.