How do I troubleshoot website connectivity issues on my EC2 Windows instance?

4 minute read

I want to troubleshoot issues that I’m having when I connect to the website that's hosted on my Amazon Elastic Compute Cloud (Amazon EC2) Windows instance.

Short description

When a website that runs on your Amazon EC2 instance becomes unavailable or unreachable, check the following configurations:

The instance is running and passes status checks.
The instance boots correctly.
The CPU, disk, or memory isn't overutilized on your instance.
The security group and network access control list (network ACL) allow traffic on the correct ports, and you're instance's route table defaults to an internet gateway.
Your instance has the correct DNS configuration.
The web server is running, and the firewall allows access.
The TLS/SSL certificate is valid for the HTTPS connection.

Resolution

Check that the instance is running and passing status checks

Make sure that your instance is listed as Running in the Amazon EC2 console. If your instance isn't listed as Running, then see Why is my EC2 Windows instance down with an instance status check failure?

Check that the instance boots correctly

Check your instance screenshot to identify boot errors. For more information, see How do I capture a screenshot of an unreachable Amazon EC2 Windows instance for troubleshooting?
Use EC2Rescue to further troubleshoot. For more information, see How can I use EC2Rescue to troubleshoot issues with my Amazon EC2 Windows instance?

Check that the CPU, disk, or memory isn't overutilized on your instance

If your website is slow or intermittently inaccessible, then see How do I troubleshoot slow connections to a website hosted on my EC2 instance?
If you must resize your available memory, disk, or other resources, then resize your instance type. For more information, see How do I resize my EC2 Windows instance or change the EC2 Windows instance type?

Check the security group, network ACL, and route tables of your instance

Make sure your instance's security group and network ACL allow traffic on port 80 and 443. For more information, see I host a website on an EC2 instance. How do I allow my users to connect on HTTP (80) or HTTPS (443)?
Make sure that the route table in your instance's subnet has a default route to an internet gateway. For more information, see Configure route tables.

Check that your instance has the correct DNS configuration

If your website uses an Amazon Route 53 DNS service, then check that you correctly configured the DNS records. For more information, see Why can't I access my website that uses Route 53 DNS services?
Make sure that an Elastic IP address is assigned to your instance. If you stop and start your instance, then the Elastic IP address remains associated to your instance.
Make sure to map the public IP address or Elastic IP address to an A record.
If you use another DNS hosting service, then make sure to update the website's name servers on the domain that the website is registered to.

Check the web server and firewall settings

Run the following commands in Windows Service Manager to check that your web server is running:

net Stop W3SVC

net Start W3SVC

iisreset/restart

If your web server isn't running or your firewalls don't allow access, then users can't connect to your website. To check if your instance responds to a website on a specified port, run the following PowerShell commands from the remote machine:

Note: Replace the example values with your values.

tnc <example-public-IP> -port <example-port-number>

tnc <example-DNS-website-name> -port <example-port-number>

To check if a port that's bound to a website is in the listening state, run the following commands on your instance:

netstat -anob | findstr /i 80

netstat -anob | findstr /i 443

Example output

TCP    0.0.0.0:80    0.0.0.0:0    LISTENING    4

TCP    0.0.0.0:443   0.0.0.0:0    LISTENING    4

Check if your Windows firewall is blocking port connections on port 80 or 443.

To troubleshoot an unreachable port, see Why can't I connect to a port on an EC2 Windows instance?

Check that the TLS/SSL certificate is valid for the HTTPS connection

To resolve TLS/SSL certificate errors, see How do I resolve errors that my clients receive when they try to use HTTPS to access my website?
If you're running an IIS server, then see How do I install an SSL/TLS certificate on my EC2 Windows instance running IIS server?

Related information

Why can't I connect to a website that is hosted on my EC2 instance?

Topics

Compute

Relevant content

Running .net application on ec2 windows instance
rePost-User-0440138
asked a year ago
Websites hosted on ec2 not reachable
Ramesh
asked a month ago
Connect to Instance Website on private subnet through EC2 Instance Connect Endpoint with browser.
rePost-User-0815280
asked 7 months ago
Why Can I not connect to my website running on EC2 with https?
Post-User-7527369
asked a year ago
EC2 Amazon Linux Instance becomes unresponsive when I run my server on it.
iTcxic
asked a year ago
How do I troubleshoot slow connections to a website hosted on my EC2 instance?
AWS OFFICIALUpdated 8 months ago
How do I troubleshoot Microsoft SQL issues on my EC2 Windows instance?
AWS OFFICIALUpdated 8 months ago
How do I troubleshoot Remote Desktop Connection issues to my Amazon EC2 Windows instance?
AWS OFFICIALUpdated 3 years ago
Why can't I connect to a website that is hosted on my EC2 instance?
AWS OFFICIALUpdated 2 years ago
How to troubleshoot TLS connection issues with your AWS IoT Core endpoint
EXPERT
Charlyscott237
published 7 months ago