By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Domain not resolving EC2 Instance

0

Hello,

I am not sure what I've done wrong here... I have a sub-domain on siteground - app.blockchatdao.com which i've had running on a different EC2 Instance before working.

I've created a new instance, created an Elastic IP and associated that to the instance and setup an A-Record on Siteground to point to the Elastic IP. I also created a hosted zone with the A record pointing to the Elastic IP.

whatsmydns.com shows that the A-Record on the subdomain is working correctly but the website never loads.

I am not sure what i've done wrong here

Thanks in advance

Topics
ComputeNetworking & Content Delivery
Tags
Amazon EC2Domain Name System (DNS)
Language
English
stellio
asked 4 months ago194 views
3 Answers
0

I can hit http://app.blockchatdao.com/ (plain HTTP on port 80) fine in a browser, but not https://app.blockchatdao.com/

Can you confirm that inbound TCP port 443 is open on the security group associated with the EC2 instance?

profile picture
EXPERT
Steve_M
answered 4 months ago
  • stellio
    4 months ago

    Hi Steve, thanks for the quick reply.

    I've opened up the security group associated but how do I check its open?

  • stellio
    4 months ago

    I also could not get the http:// to work? the Elastic IP works directly for me though

  • Steve_M EXPERT
    4 months ago
    $ nslookup app.blockchatdao.com
Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
Name:    app.blockchatdao.com
Address:  3.210.166.43

    Both http://app.blockchatdao.com/ and http://3.210.166.43/ work for me. But I get connection timeout on both https://app.blockchatdao.com/ and https://3.210.166.43/

    You can check that port 443 is open in the security group in AWS Console -> EC2 -> Instances and then select the instance, go to the security tab and verify the inbound rules.

    On the instance itself, is the webserver setup to listen on port 443?

    Is there a host-based firewall, and is this allowing port 443 traffic through? Depending on what OS the instance is running this could be firewalld (RHEL/CentOS/Fedora), or ufw (Ubuntu), or Windows Firewall, or something else (or you might not have a host-based firewall running at all).

    Best place to start is double-checking the security group has the port open, and that the webserver is listening on that port.

0

From what I can see the inbound rules are set up correctly. I have not even touched these settings. I am a beginner on AWS and do not even know how to open the terminal or check if it's a firewall or not.

https://snipboard.io/skKaFn.jpg

stellio
answered 4 months ago
  • Steve_M EXPERT
    4 months ago

    Those security group rules look fine.

    Are you now able to view the website using HTTP to both the DNS name and the IP address?

    Port 22 being open in the security group suggests the EC2 is running Linux, is that correct? Check what ports are opened and being listened on with netstat -tulpn

    If the output is too large, limit it to just the webserver ports netstat -tulpn | egrep -w '80|443'

0

Issue here could be that the connections aren't reaching the EC2 instance or the webservice itself is not listening on https/443 please check whether the instance is listening on 443 by doing 'telnet localhost 443' from the instance's terminal/cmd. if it gets connected, 443 is listening and the issue is either with Security group or the OS Firewall. if the Telnet gets Not connected then check the webserver configuration to understand why the service is not listening only on port 80

AWS
PK
answered 4 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content