While trying to renew the letsencrypt cert I got the following error
produced an unexpected error: Problem binding to port 443: Could not bind to IPv4 or IPv6.. Skipping.
A simple solution – in my case – was to stop nginx, renew the cert and start nginx.
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: subdomain.domain.com
Type: unauthorized
Detail: Invalid response from
http://subdomain.domain.com/.well-known/acme-challenge/XXXXXXX_XXXXXXXX:
"<!DOCTYPE html>
<html lang="en">
<head>
<title>404 Page Not Found</title>
<style type="text/css">
::selection{ background-color"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
Try to add the following, inside server{}, on user nginx domain configuration..
location /.well-known/acme-challenge/ {
try_files $uri /dev/null =404;
}
And reboot nginx… 🙂
So!,
letsencrypt renew output
Domain: www.domain.com Type: unauthorized Detail: Invalid response from http://www.domain.com/.well-known/acme-challenge/WLpdvugG3YzC53RTrZMJcYWsRqcj64vWLw43HNBkMN6:
nginx error log
66.133.XXX.XXX - - [11/Feb/2017:09:33:20 +0100] "GET /.well-known/acme-challenge/WLpdvugG3YzC53RTrZMJcYWsRqcj64vWLw43HNBkMN6 HTTP/1.1" 404 247 "http://www.domain.com/.well-known/acme-challenge/WLpdvugG3YzC53RTrZMJcYWsRqcj64vWLw43HNBkMN6" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
“Somehow” my domain root has changed.
I had to take a look at /etc/letsencrypt/renewal/domain.com.conf and fix some paths… 🙂
I was getting the following error on a *fresh* CentOS…
Warning: Unknown: open(/var/lib/php/session/sess_isu2r2bqudeosqvpoo8a67oj02, O_RDWR) failed: Permission denied (13) in Unknown on line 0
Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/session) in Unknown on line 0
This will do the work…
chown -R nginx:nobody /var/lib/php/session && chmod -R 770 /var/lib/php/session
So!,
My nagios was returning a CRITICAL error on one of my servers…
and httpd server wasn’t responding….
I think that problem was on IPTABLES / FAIL2BAN ban list. I had 702 banned IPs…
After I clean them up, everything went okay!
Just bought a SSL certificate for one of my clients….
Here are some useful tutorial links.—
CSR Generation: Using OpenSSL (Apache w/mod_ssl, NGINX, OS X)
https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1/66/
Nginx CSR Generation using OpenSSL
https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/801/0/nginx-csr-generation-using-openssl
Certificate Installation: Apache & mod_ssl
https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/637/66/
Certificate Installation : NGINX
https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1091/0/certificate-installation–nginx
SUPZ!
One of my blogs is getting lots of login attempts from HACKERS :>
Only allow specific IP to access a specific directory
Inside the configuration of the domain (ex. /etc/nginx/sites-enabled/playboy.com), lets add the following entries – this will allow IP 84.91.XXX.XXX to wp-admin folder and block all the others
location /full_movies/ {
allow 84.91.XXX.XXX;
deny all;
}
This should to the trick! but if we are using cloudflare the domain we need to add some lines at our nginx.conf (/etc/nginx/nginx.conf) so nginx reads the correct IP from the visitor…
Inside http { lets add the following
set_real_ip_from 204.93.240.0/24; set_real_ip_from 204.93.177.0/24; set_real_ip_from 199.27.128.0/21; set_real_ip_from 173.245.48.0/20; set_real_ip_from 103.22.200.0/22; set_real_ip_from 141.101.64.0/18; set_real_ip_from 108.162.192.0/18; real_ip_header CF-Connecting-IP;
Horray!
To protect your wordpress login & wp-admin…
location ~ '(/wp-login.php|/wp-admin)' {
allow 84.91.4.220;
deny all;
}
This might affect your theme/plugins.
It protects /wp-admin/wp-ajax.php….
I was having a 500 Internal Server Error…
nginx logs were showing me the following
2016/03/17 12:09:32 [crit] 31488#0: *11192 open() "/var/lib/nginx/tmp/client_body/0000000005" failed (13: Permission denied), client: 84.91.XXX.XXX, server: host.com, request: "POST /trades_edit/edit_trade HTTP/1.1", host: "host.com", referrer: "https://host.com/trades_edit/125"
Solution?
chown -R www-data:www-data /var/lib/nginx
Got the following error while uploading a WordPress theme.
Had to edit /etc/nginx/nginx.conf and add the following line inside http {
client_max_body_size 20M;