Question
Got locked out of droplet after installing nginx
- Posted on January 29, 2024
- DigitalOcean Cloud FirewallsFirewallNginxUbuntu 22.04
Asked by mhmmd-ysf
I was following through this tutorial for my droplet https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-ubuntu-20-04
then after i logged out i can’t connect to my droplet both via SSH and web console.
How can i fix this, and is there a better way to do this so i don’t repeat the same mistake?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Get our biweekly newsletter
Sign up for Infrastructure as a Newsletter.
Hollie's Hub for Good
Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.
Become a contributor
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
Hey,
It seems like you might have inadvertently changed some settings that are now preventing you from accessing your server. Let’s try to troubleshoot this step-by-step.
Firstly, the inability to connect via SSH and web console suggests a possible issue with the firewall settings. When you install NGINX, it listens on port 80 (HTTP) and 443 (HTTPS). If your firewall is not configured to allow traffic on these ports, or if it was somehow misconfigured, that could be the reason for the issue.
Here’s what you can do to regain access:
Access via Recovery Console: DigitalOcean provides a Recovery Console that you can use to access your droplet if you’re locked out. Log into your DigitalOcean account, go to the Droplets page, select your droplet, and use the “Access” section to launch the Recovery Console.
Check Firewall Settings: Once you’re in, check your firewall settings. The command
sudo ufw statuswill show you the current status of your firewall. Ensure that SSH (port 22) is allowed. If it’s not, you can enable it usingsudo ufw allow 22.Review NGINX Installation: It’s also a good idea to verify that NGINX was installed correctly and is running. Use
systemctl status nginxto check its status. If there are any issues, the output should give you some clues.Reconfigure if Necessary: If you find that NGINX or the firewall settings were misconfigured, reconfigure them as needed. The tutorial you followed is generally reliable, but always make sure to follow the prerequisites listed in the beginning of the tutorials, in your case, mainly this one: Initial server setup guide for Ubuntu 20.04.
Preventing Future Issues:
If you make any firewall changes, always make sure to allow access on port 22 so that your SSH connection does not get locked out.
If possible, test significant changes on a staging server. This helps you avoid affecting your live environment.
Keep a record of the changes you make. This can be invaluable for troubleshooting future issues or repeating the setup process.
Understanding how firewalls work and how to configure them (especially UFW - Uncomplicated Firewall, on Ubuntu) is crucial:
If you need further assistance, the DigitalOcean community is always here to help!
Best,
Bobby
Heya, @mhmmdysf
You can use the recovery console and temporary disable the Firewall to regain access to your droplet using a normal ssh-client.
https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-22-04#step-9-disabling-or-resetting-ufw-optional
Once the rules are fixed you can enable UFW again in order to protect your droplet.
Regards