Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Cannot reach website after EC2 maintenance

1

Hi All, I have an EC2 instance hosting a website and after the planned maintenance on Jan 8, I can no longer reach the website. I have run through the troubleshooting recommended by the ask-AWS bot:

  1. instance is in running state, passed all checks
  2. there are no errors in system log
  3. security group looks fine
  4. network configuration looks fine, unchanged from before
  5. has public IP assigned (elastic)
  6. Network ACLs allow traffic
  7. rebooted the instance

Still, I cannot reach the website at all. Ideally, I'd ask AWS to fix this as the issue started right after they ran maintenance on the instance, but they want me to pay for "technical assistance" (I think if they broke something they should fix it without me having to pay for it). I am by no means an expert at this so any help would be appreciated. Many thanks!

Topics
Compute
Tags
Amazon EC2Website Hosting
Language
English
asked 6 days ago85 views
6 Answers
1

When your EC2-hosted website becomes inaccessible after maintenance, there are several potential causes to investigate beyond the basic checks you've already performed.

First, it's possible that your web server service (like Apache, Nginx, etc.) may have stopped running during the maintenance. You should SSH into your instance and check if the web server service is active. If not, you'll need to restart it.

Second, if your website relies on a database, check if the database connection is working properly. Database connectivity issues can cause a website to appear down even when the instance is running normally.

Third, verify that your application configuration hasn't been affected. Sometimes maintenance can reset certain configurations or cause application files to become corrupted.

Fourth, check your web server logs for any specific error messages that might indicate what's happening.

If you can't SSH into the instance using regular methods, consider using AWS Systems Manager Session Manager as an alternative access method. This requires the SSM agent to be installed on your instance and an appropriate IAM role with the AmazonSSMManagedInstanceCore policy.

Once you gain access to the instance, you can:

  1. Check the status of your web server with a command like systemctl status apache2 (or nginx, etc.)
  2. Restart the web server if needed: sudo systemctl restart apache2
  3. Ensure the web server is set to start automatically: sudo systemctl enable apache2
  4. Check database services if applicable: sudo systemctl status mysql
  5. Review web server error logs in locations like /var/log/apache2/error.log

If these steps don't resolve the issue, the maintenance might have caused more fundamental changes requiring additional troubleshooting.
Sources
EC2 Website Connection Timeout | AWS re:Post
My website on EC2 reports it is running but no one can see it | AWS re:Post
Website completely blank after EC2 reboot - multiple services down | AWS re:Post

answered 6 days ago
EXPERT
reviewed 6 days ago
1

Hi everyone, Thank you for all the suggestions! It turned out that the issue was that our script was stopped by the maintenance and did not re-start automatically. We have now included a routine to re-start the script following maintenance interruptions. Thanks again for all the suggestions, it was much appreciated and helped us troubleshoot.

answered 3 days ago
0
Accepted Answer

Hi,

In addition to what the re:Post Agent suggested, checking the user data could help. Since you mentioned the maintenance was on Jan 8, it's possible the instance stopped/started, which would re-run the user data script. If the script encountered an error during execution, it could explain why the website isn't accessible even though the instance appears healthy.

The system logs typically don't show application-level issues, so I'd recommend checking:

  1. Did user data finish executing? Check: /var/log/cloud-init-output.log

  2. Is the web server running? Check: systemctl status nginx (or httpd) Or: ps aux | grep nginx

These logs should reveal if something failed during startup.

Best, Malini

answered 6 days ago
AWS
EXPERT
reviewed 2 days ago
0

Thank you for the suggestions, we will try them over the weekend and see what works.

answered 6 days ago
0

Are you using the EC2 with an automatic assigned public IP address or are you using an elastic IP?

If auto assigned the IP will have changed. If using DNS you would need to update the IP address.

Can you access the EC2 via SSM?

EXPERT
answered 6 days ago
0

Hi there! I can see you've already received some good suggestions from Malini and others. Let me build on those and give you a comprehensive troubleshooting path that should get your website back online.

Root Cause: Stop/Start During Maintenance The Jan 8 maintenance almost certainly triggered a stop/start cycle on your instance (not just a reboot). This is critical because:

  • Your Elastic IP stays attached
  • Instance passes status checks
  • BUT services and applications may not restart properly

As Malini correctly pointed out, user data scripts can re-execute during stop/start and cause issues. Let me expand on this with a complete diagnostic approach.

Step-by-Step Troubleshooting

  • First: Can You Access the Instance? Before anything else, verify you can connect:
ssh -i your-key.pem ec2-user@YOUR_ELASTIC_IP

If SSH fails, try AWS Systems Manager Session Manager from the AWS Console:

Go to EC2 Console → Select your instance → Connect → Session Manager This bypasses network issues and confirms if it's a connectivity problem vs application problem.

  • Check User Data Execution (Malini's suggestion - this is critical!) Once connected, check if user data re-ran and caused issues:
sudo cat /var/log/cloud-init-output.log
sudo tail -100 /var/log/cloud-init-output.log

Look for errors or timestamps matching Jan 8

sudo grep -i "error\|fail" /var/log/cloud-init-output.log

What to look for:

  • Timestamps around Jan 8 (maintenance date)
  • Any error messages during script execution
  • Whether the script completed successfully

If you see errors here, that's likely your culprit. User data re-execution can:

Overwrite configuration files Reset permissions Fail partway through, leaving things in a broken state

  • Check Web Server Status (Malini's second suggestion)
sudo systemctl status nginx

For Apache

sudo systemctl status httpd

OR on Ubuntu

sudo systemctl status apache2

Alternative check

ps aux | grep nginx ps aux | grep httpd If the service is not running: bash# Start it sudo systemctl start nginx # or httpd/apache2

Enable auto-start on boot (IMPORTANT!)

sudo systemctl enable nginx

Check if it started successfully

sudo systemctl status nginx

If the service is running but website still unreachable, continue below.

  • Verify Service is Listening on Correct Port
sudo ss -tlnp | grep ':80\|:443'

Or using netstat

sudo netstat -tlnp | grep ':80|:443' Expected output: You should see your web server process listening on 0.0.0.0:80 (not 127.0.0.1:80) If bound to localhost only (127.0.0.1):

Your web server config may have been changed during user data re-execution Edit your nginx/apache config to bind to 0.0.0.0 or remove IP specification

  • Test Local Connectivity
curl -I http://localhost
curl -I http://127.0.0.1

If using custom port

curl -I http://localhost:8080 If this works: Issue is network/firewall related (continue to step 6) If this fails: Issue is with the application itself (check logs in step 7)

  • Check OS-Level Firewall User data re-execution can reset firewall rules:
sudo iptables -L -n -v

Check for DROP or REJECT rules

For firewalld (RHEL/CentOS/Amazon Linux)

sudo firewall-cmd --list-all

Here is Quick Script you can try

#!/bin/bash
echo "-- Instance Connectivity --"
curl -I http://localhost
echo ""

echo "-- Web Server Status --"
sudo systemctl status nginx httpd apache2 2>/dev/null | grep -E "Active:|Loaded:"
echo ""

echo "-- Listening Ports --"
sudo ss -tlnp | grep ':80\|:443'
echo ""

echo "-- Firewall Rules --"
sudo iptables -L INPUT -n | grep -E "ACCEPT|DROP|REJECT" | grep -E ":80|:443"
echo ""

echo "-- Disk Space --"
df -h | grep -E "Filesystem|/$"
echo ""

echo "-- Recent User Data Execution --"
ls -lh /var/log/cloud-init-output.log
sudo tail -20 /var/log/cloud-init-output.log
answered 6 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content