Reputation: 2476
Nginx "Failed (111: Connection refused)"
I created a t1.micro instance, set up my security groups, and then associated this instance to an Elastic IP (the Elastic IP has a scope of "VPC", as it was my only option when creating the EIP).
I entered my public DNS URL into my browser, and I can access my site as expected; however, when I simply enter the Elastic-IP/Public-IP address associated with this DNS URL, I receive a blank white screen (empty HTML document). When I enter my DNS url on WhatsMyDNS.net, it shows the expected Elastic IP for all locations; also, when I dig +trace +add www.mySite.com, I see the expected nameservers; thus, I doubt this is a DNS propagation issue.
This leads me to believe I have an issue elsewhere, possibly with my security groups. For my security groups, I have the following configuration for debugging:
(Inbound)
HTTP, TCP, Port 80, 0.0.0.0/0
SSH, TCP, Port 22, 0.0.0.0/0
and
(Outbound)
All Traffic, All, All, 0.0.0.0/0
My VPC Network Interface has the same Security Group and is applied to the correct Instance, and likewise, my Elastic IP is associated to the correct Network Interface. Everything relates back to the proper EC2 Instance.
I'm far from an expert with AWS, and I've read numerous posts on this, but nothing seems to be glaringly obvious as to how I can go about fixing this. Could it be something with Network ACLs? Do I need VPN connections? Maybe something in the VPC Route Tables?
What can I check for specifically to debug and fix this? Has anyone experienced this previously and know where I may have gone wrong?
If more information is necessary, please let me know. Thank you.
Update
On my EC2 instance, if I stop my server:
- on the DNS URL, I receive my expected
502 Bad Gateway, Nginxerror (needless to say, I'm using Nginx as my front-end server). But... - on the Elastic IP address, I still receive that blank HTML form
I have discovered this in my error logs after making a few more attempts:
*564 connect() failed (111: Connection refused) while connecting to upstream
I assume this is a clear indicator of my problem, and I will debug this.
If anyone knows off-hand, feel free to comment of course.
Upvotes: 0
Views: 5615
Answers (1)
Reputation: 179124
If your DNS is correct, then it's not going to be anything related to security groups and ACLs, because they are completely unaware of DNS.
The problem is likely to be on your web server configuration. Since the hostname or IP address from the browser's address bar is sent to the web server in the HTTP Host: header with every request, the web server has the opportunity of serving different "sites" behind that single Elastic IP.
If you don't have it explicitly or implicitly (via some variant of a "default site" setting) configured to expect requests when the Host: header contains the IP address instead of the hostname, results vary by server, since it may have no idea what to do.
Check the web server logs for these blank screeen requests, as well as your config and the appropriate docs for the server software you are running.
Upvotes: 1
Related Questions
- Cannot reach nginx on ubuntu AWS EC2 server
- Nginx status is active but it is not serving
- connect() failed (113: Host is unreachable) while connecting to upstream nginx for aws
- Unable to reach EC2 instance after setting up NGINX
- nginx refused to connect node app on ec2 instance
- nginx connection refused after config
- Nginx don't handle request if I make request by AWS elastic IP
- Amazon aws Ec2 instance: Connection refused (by browser). Used to work
- Cannot connect to AWS EC2 via Nginx from local machine
- amazon ec2 - Couldn't resolve host