Hi, I am currently using AWS EC2 (Ubuntu) instance to run a bot, I’ve already set up a Letsencrypt SSL using Certbot NGINX, however it fails to listen to the ‘port:5000’.

The webpage loads over SSL; however, the images don’t load for some reason. If someone could help me, that would be great. I’ve spent days trying to figure out what the issue is.

Many Thanks

etc/nginx/sites-available

# Default server configuration

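server {

    # HTTPS virtual host: terminates TLS for the names below and forwards
    # requests to the application listening on the loopback interface.

    server_name www.mydomain.tk mydomain.tk;
    listen 443 ssl;

    # Certificate chain and private key from the Let's Encrypt live directory.
    # The included options file can set its own TLS protocol and cipher
    # directives, which take precedence over the http-level defaults.
    ssl_certificate /etc/letsencrypt/live/mydomain.tk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mydomain.tk/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    error_log /var/log/nginx/mydomain_error.log;
    access_log /var/log/nginx/mydomain_access.log;

    # Not used by "location /" below, which proxies every request.
    root /var/www/html;

    location / {
        # No try_files here. With proxy_pass in the same location,
        # "try_files $uri $uri/ =404" answers 404 for every URI that has no
        # matching file under the root before the request is proxied, so
        # assets that only the upstream serves (for example its images)
        # never reach it.
        proxy_read_timeout 30s;
        proxy_http_version 1.1;

        # Upstream application. A process must be listening on this address;
        # otherwise nginx logs "connect() failed (111: Connection refused)"
        # and answers 502.
        proxy_pass http://127.0.0.1:5000;
        # NOTE(review): the upstream is addressed over plain http above, so
        # this https:// pattern will probably never match a Location header
        # it sends - confirm the intended scheme.
        proxy_redirect https://127.0.0.1:5000 https://$server_name;

        # Request headers passed to the upstream.
        # $http_host is the client's Host header as sent, and
        # X-Forwarded-For keeps whatever chain the client supplied with
        # $remote_addr appended; the upstream should treat only X-Real-IP
        # and the last X-Forwarded-For entry as set by this proxy.
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        # Browser security headers. These are response headers, so they are
        # set with add_header; proxy_set_header would only add them to the
        # request sent to the upstream, where they have no effect. "always"
        # also attaches them to error responses.
        add_header X-Content-Type-Options nosniff always;
        add_header X-Frame-Options "DENY" always;
        add_header Referrer-Policy "strict-origin" always;
    }
}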


# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#   listen 80;
#   listen [::]:80;
#
#   server_name example.com;
#
#   root /var/www/example.com;
#   index index.html;
#
#   location / {
#       try_files $uri $uri/ =404;
#   }
#}

# Plain-HTTP virtual host written by Certbot: requests for either site name
# are redirected to the same URL over HTTPS, and anything else that reaches
# this block gets 404. The "managed by Certbot" markers are kept unchanged.
server {
    # 301 redirect to https:// for the www name
    if ($host = www.mydomain.tk) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    # 301 redirect to https:// for the bare domain
    if ($host = mydomain.tk) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    # Only an IPv4 listener is declared here (no "listen [::]:80;")
    listen 80;
    server_name mydomain.tk www.mydomain.tk;
    # Reached only when $host matched neither name above
    return 404; # managed by Certbot

}

nginx.conf

# Main-context settings.
# Worker processes run as the unprivileged www-data account.
user www-data;
# Let nginx pick the number of worker processes automatically.
worker_processes auto;
# File where the master process writes its PID.
pid /run/nginx.pid;
# Load every module configuration file enabled in modules-enabled/.
include /etc/nginx/modules-enabled/*.conf;

# Connection-processing settings.
events {
    # Upper bound on simultaneous connections per worker process; this
    # includes connections to proxied upstreams, not only client connections.
    worker_connections 768;
    # multi_accept on;
}

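# Settings shared by every virtual host; the server blocks themselves are
# pulled in by the include lines at the end.
http {

    ##
    # Basic Settings
    ##

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    # Uncomment to stop advertising the nginx version in the Server header
    # and on error pages.
    # server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL Settings
    ##

    # TLS 1.0 and 1.1 are deprecated (RFC 8996) and were removed from this
    # list, leaving TLS 1.2 and 1.3. This is only the default: a server block
    # that sets ssl_protocols itself, directly or through an included file,
    # overrides it.
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;

    ##
    # Logging Settings
    ##

    # Default log files; a server block may define its own.
    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##

    gzip on;

    # gzip_vary on;
    # gzip_proxied any;
    # gzip_comp_level 6;
    # gzip_buffers 16 8k;
    # gzip_http_version 1.1;
    # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    ##
    # Virtual Host Configs
    ##

    # Every file matched here is loaded, so only symlink the sites that
    # should actually be served into sites-enabled/.
    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}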


#mail {
#   # See sample authentication script at:
#   # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# 
#   # auth_http localhost/auth.php;
#   # pop3_capabilities "TOP" "USER";
#   # imap_capabilities "IMAP4rev1" "UIDPLUS";
# 
#   server {
#       listen     localhost:110;
#       protocol   pop3;
#       proxy      on;
#   }
# 
#   server {
#       listen     localhost:143;
#       protocol   imap;
#       proxy      on;
#   }
#}

Bot Log (mydomain_error.log):

2020/09/24 18:34:29 [error] 1844#1844: *7 connect() failed (111: Connection refused) while connecting to upstream, client: 12.345.678.90, server: www.mydomain.tk, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:5000/", host: "mydomain.tk"
edited by MattIPv4

1 answer

Hello,

You are trying to proxy the requests to http://127.0.0.1:5000. Do you have anything listening on that port on your server?

You can check by running the following command (on newer Ubuntu releases that ship without net-tools, `ss -tulpen` gives the same information):

netstat -tulpen | grep 5000

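If nothing is listening there, that explains the problem: the `connect() failed (111: Connection refused)` line in your error log means NGINX tried 127.0.0.1:5000 and no process accepted the connection.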

Additionally, you mentioned the bot is on another host, and you are trying to connect to it as well.

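Looking at the log, NGINX is trying to connect but can’t, and the upstream it names is again 127.0.0.1:5000. If the bot really runs on another server, change the localhost IP in proxy_pass to that server’s address. Keep in mind that proxy_pass over http:// sends that hop unencrypted, so use a private network address and allow port 5000 only from the NGINX host.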
