0

if you check following domain:

top-produkttest.de

You will see, that nothing is loading. The Domain is pointed to the servers' IP Adress and I configured the domain in the vhosts file. The server is running on CentOS 7 and bitnami was preinstalled. Apache2 is running. I also can't access it via the Servers' IP Adress. I have another ubuntu server and I am positive, that the vhosts is configured correctly. Apache2 is not giving back any error messages at all.

Instead of trying to start wordpress, I just put an "index.html" into the directory, so I think somehow it doesn't resolve all of my settings, but I don't know where to look. All bitnami modules are running (through the /opt/bitnami/... start command)

I really don't know how to debug that problem. When I ping the website, it says "x packages send, but 0 received. 100% data loss".

Does anyone know, what could be the problem here and where I can start? I searched through the whole bitnami config, but the only thing it tells, is how to setup the vhosts(which I did).

Edit after comment:

I checked that answer and both are not correct for me.

When I check Port 80 it says:

sudo netstat -tnlp | grep :80
tcp6       0      0 :::80                   :::*                    LISTEN      31320/httpd.bin

And for the firewall part I checked with: nmap -sT -O localhost

And got back:

PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
25/tcp   open  smtp
80/tcp   open  http
443/tcp  open  https
3306/tcp open  mysql

Edit2:

My iptables config:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Frederik Witte
  • 101
  • 4
  • The timeout points to a firewall problem. You can't check the firewall with tests to localhost, the local interface is usually not routed through the firewall. You have to check this from outside your server. – Gerald Schneider Oct 17 '16 at 11:28
  • @GeraldSchneider how could I check this outside from my server? I just see, that I can't access it – Frederik Witte Oct 17 '16 at 12:16
  • @FrederikWitte run the nmap comman on a different machine than your server that should be able to reach it. You can also run `iptables -L` to check the servers local firewall, but even when that doesn't show anything it's still possible that there is a hardware firewall in front of your server. – Gerald Schneider Oct 17 '16 at 12:24
  • @GeraldSchneider I posted my iptables config now. Can you see anything of any interest there? – Frederik Witte Oct 17 '16 at 12:26

1 Answers1

0

It seems that your server is running into performance issues. I reckon it's just being extremely slow for any reason. In order to identify your problem, I recommend you the following actions:

  • Check the list of processes consuming CPU and memory. You can do it by logging in to your machine console via SSH and execute the following commands:

    ps -e -orss=,args= | sort -b -k1,1n | pr -TW$COLUMNS
ps -e -o pcpu,nice,state,cputime,args --sort -pcpu | head -10

  • In case of problems with the disk size, check the free disk space and which directories have a large number of files:

    df -ih
df -h
cd /opt/bitnami
sudo find . -type f | cut -d "/" -f 2 | sort | uniq -c | sort -n
du -h -d 1

  • Block Suspicious IP Addresses. To obtain a list of IP addresses sending requests to your server, run the command below:

    tail -n 10000 /opt/bitnami/apache2/logs/access_log | awk '{print $1}'| sort| uniq -c| sort -nr| head -n 10

  • Once the list of addresses has been generated, check their activity with the following command. Substitute the IP-ADDRESS placeholder with each of the IP addresses from the list.

    cat access_log | grep IP-ADDRESS

  • If an IP address is not a known internal or external IP address and its behaviour is suspicious (for example, accessing only one page or attempting to log in multiple times), it could be a bot. Block a suspicious IP address using the iptables command. Substitute the IP-ADDRESS placeholder with the IP address you wish to block:

    sudo su
iptables -A INPUT -s IP-ADDRESS -j DROP

NOTE: Use this with caution. If you don't specify an IP address, you will block yourself. To delete a rule, execute these commands. Substitute the IP-ADDRESS placeholder with the IP address you wish to allow:

sudo su
iptables -D INPUT -s IP-ADDRESS -j DROP

  • To have a rule active when the machine reboots, define the rule and then follow these steps:

    • Execute the following commands:

      sudo su
iptables-save > /opt/bitnami/iptables-rules
crontab -e

    • Edit the crontab file and include this line at the end of the file:

      @reboot /sbin/iptables-restore < /opt/bitnami/iptables-rules

    • Save the file and exit. This way, on every boot, the system will load the iptables rules and apply them.

I hope this information is useful for you.

Juan
  • 111
  • 1