Question

Got locked out of droplet after installing nginx

I was following through this tutorial for my droplet https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-ubuntu-20-04

then after i logged out i can’t connect to my droplet both via SSH and web console.

How can i fix this, and is there a better way to do this so i don’t repeat the same mistake?


Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev
Site Moderator
Site Moderator badge
January 30, 2024
Accepted Answer

Hey,

It seems like you might have inadvertently changed some settings that are now preventing you from accessing your server. Let’s try to troubleshoot this step-by-step.

Firstly, the inability to connect via SSH and web console suggests a possible issue with the firewall settings. When you install NGINX, it listens on port 80 (HTTP) and 443 (HTTPS). If your firewall is not configured to allow traffic on these ports, or if it was somehow misconfigured, that could be the reason for the issue.

Here’s what you can do to regain access:

  1. Access via Recovery Console: DigitalOcean provides a Recovery Console that you can use to access your droplet if you’re locked out. Log into your DigitalOcean account, go to the Droplets page, select your droplet, and use the “Access” section to launch the Recovery Console.

  2. Check Firewall Settings: Once you’re in, check your firewall settings. The command sudo ufw status will show you the current status of your firewall. Ensure that SSH (port 22) is allowed. If it’s not, you can enable it using sudo ufw allow 22.

  3. Review NGINX Installation: It’s also a good idea to verify that NGINX was installed correctly and is running. Use systemctl status nginx to check its status. If there are any issues, the output should give you some clues.

  4. Reconfigure if Necessary: If you find that NGINX or the firewall settings were misconfigured, reconfigure them as needed. The tutorial you followed is generally reliable, but always make sure to follow the prerequisites listed in the beginning of the tutorials, in your case, mainly this one: Initial server setup guide for Ubuntu 20.04.

Preventing Future Issues:

  • If you make any firewall changes, always make sure to allow access on port 22 so that your SSH connection does not get locked out.

  • If possible, test significant changes on a staging server. This helps you avoid affecting your live environment.

  • Keep a record of the changes you make. This can be invaluable for troubleshooting future issues or repeating the setup process.

  • Understanding how firewalls work and how to configure them (especially UFW - Uncomplicated Firewall, on Ubuntu) is crucial:

https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-20-04

If you need further assistance, the DigitalOcean community is always here to help!

Best,

Bobby

alexdo
Site Moderator
Site Moderator badge
January 31, 2024

Heya, @mhmmdysf

You can use the recovery console and temporary disable the Firewall to regain access to your droplet using a normal ssh-client.

https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-22-04#step-9-disabling-or-resetting-ufw-optional

Once the rules are fixed you can enable UFW again in order to protect your droplet.

Regards

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel