DA suddenly unreachable on 3 vpsses

[peps03]

3 hours ago DA still worked, now it is suddenly unreachable on 3 of my 4 vpsses. The 3 are from the same company. The fourth, of which DA is accessible, is from another company.

I recently encrypted all 4 vpsses with Let's Encrypt, but that doesn't seem the issue, as that was only 3-5 months ago and the fourth works. Also the machines are accessible via ssh. I contacted the vps hosting company and they said to ask here because they didn't change anything either.

The vpsses don't have auto updates enabled or anything. The message I now see is: "This site can’t be reached, XXXXXXX.nl took too long to respond."

The websites hosted on the vps all work. I restarted DA via SSH, no help either.

Any ideas?

 

[Arieh]

Can't you reach the DA panel itself or the websites hosted on it?

 

[peps03]

I only can't reach the DA login page / panel.
The websites are fine. And this occurred on 3 different vpsses at once (more or less).

 

[Arieh]

Please paste the output of:

ps aux | grep directadmin

And:

wget -S -O - http://localhost:2222/

 

[ikkeben]

I only can't reach the DA login page / panel.
The websites are fine. And this occurred on 3 different vpsses at once (more or less).

What is the hosters saying, maybe some updates of their infrastructure, DDOS or problems with them?

Same vps range at that hoster? you can try / gues other vps from them i think and try da inlogscreen, form you browser ipadres....

Sometimes hosters are saying nothing wrong, but if you are only the first one where the problem occurs.....

test also or mysql/mariadb is working with ssh and some more things, firewall, if someone/thingchanged the default port or blocked the default port...

ssl / https ?

 

[peps03]

[root@vps6 admin]# ps aux | grep directadmin
nobody    1145  0.0  0.0  60824  1272 ?        S    15:53   0:00 /usr/local/dire                                               ctadmin/directadmin d
nobody    1167  0.0  0.0  60824  1272 ?        S    15:54   0:00 /usr/local/dire                                               ctadmin/directadmin d
nobody    1177  0.0  0.0  60824  1272 ?        S    15:54   0:00 /usr/local/dire                                               ctadmin/directadmin d
nobody    1178  0.0  0.0  60824  1272 ?        S    15:54   0:00 /usr/local/dire                                               ctadmin/directadmin d
root      1886  0.0  0.0 112652   960 pts/1    S+   16:18   0:00 grep --color=au                                               to directadmin
root     20002  0.0  0.0  19356   320 ?        Ss   Mar09   2:37 /usr/local/dire                                               ctadmin/da-popb4smtp
nobody   20886  0.0  0.0  60824  3080 ?        Ss   13:32   0:00 /usr/local/dire                                               ctadmin/directadmin d
nobody   20892  0.0  0.0  60824  1272 ?        S    13:32   0:00 /usr/local/dire                                               ctadmin/directadmin d

Resolving localhost (localhost)... ::1, 127.0.0.1
Connecting to localhost (localhost)|::1|:2222... connected.
HTTP request sent, awaiting response...
  HTTP/1.1 302 Found
  Server: DirectAdmin Daemon v1.51.3
  Location: https://1XX.2XX.2XX.1XX:2222
  x-use-https: yes
  Content-type: text/html
Location: https://1XX.2XX.2XX.1XX:2222 [following]
--2017-06-02 16:19:31--  https://1XX.2XX.2XX.1XX:2222/
Connecting to 1XX.2XX.2XX.1XX:2222... connected.
    ERROR: certificate common name ‘vps6.xxxxxxxx.nl’ doesn't match requested host name ‘1XX.2XX.2XX.1XX:2222’.
To connect to 1XX.2XX.2XX.1XX:2222 insecurely, use `--no-check-certificate'.

Aha.. update hostname then i guess..?

 

[ikkeben]

if cloudvps see twitter account for their network errors is don't see sofar
https://twitter.com/cloudvpsnetwork

but take care of the https ssl on hostname letsencrypt

 

[Arieh]

At least we know that DA is running.

Can you give me the IP adres or that vp6. url by PM? Than I can check from here.

 

[peps03]

Sent. I think it has something to do with the hostname. I remember updating the hostname on the vps that is still working now:

cd /usr/local/directadmin/scripts
./hostname.sh vps6.xxxxxxx.nl 1XX.2XX.2XX.1XX

 

[ikkeben]

Sent. I think it has something to do with the hostname. I remember updating the hostname on the vps that is still working now:

cd /usr/local/directadmin/scripts
./hostname.sh vps6.xxxxxxx.nl 1XX.2XX.2XX.1XX

With some hosters if you change the hostname yourself you have to tell them what you did so they can set their things also correct.

 

[Richard G]

You can also see in the error that the problem is in the hostname:

ERROR: certificate common name ‘vps6.xxxxxxxx.nl’ doesn't match requested host name ‘1XX.2XX.2XX.1XX:2222’.

Also remind that an ip address is not an FQDN hostname, which can lead to other problems, like mail if you're running a mailserver.

 

[Arieh]

The problem is that the vps.xx domain is behind cloudflare. I have adviced to remove force_hostname from /usr/local/directadmin/conf/directadmin.conf and connect through the VPS IP-address directly.

 

[peps03]

CF is disabled for this subdomain. And this whole setup worked well for 3/5 months.

The strange thing is, the hostname IS:
# /bin/hostname --fqdn
vps6.xxxxxxxx.nl

And the certificate name is that TOO:
"certificate common name ‘vps6.xxxxxxxx.nl’ doesn't match requested host name ‘1XX.2XX.2XX.1XX:2222’"
Don't know where this requested hostname, which is the IP address, is present..

 

[peps03]

Ok, you won't believe this, it was cloudflare. Cloudflare was always off for the subdomains the vpsses run on. I haven't even been logged-in to CF today as suddenly, all at once, CF was turned on for these 3 subdomains.
Cost me more than half a day this witchcraft.

Well thanks for the help all!! Very very much appreciated!