Non-SSL requests NOT getting re-directed to SSL

nowtech · December 26, 2014, 10:00pm

Hello and thanks in advance to anyone who can help, here is the issue im faced with:

I ran into a strange problem today with my website. Normally non-SSL requests get re-directed to SSL and everything is wonderful, but it just stopped working.

I have a .htaccess file in my public_home directory, and I also have webmin configured to re-direct incoming non SSL traffic to SSL. I thought I could just disable it, and delete the .htaccess file to temporarily allow web traffic to my site on port 80, but you still can’t get through.

The site is ONLY accessible through SSL, and incoming traffic can’t be re-directed. I don’t know what changed, any help is appreciated.

Eric · December 26, 2014, 11:32pm

Howdy,

Hmm, what happens when you attempt to access your site using the non-SSL URL? What error do you receive?

Also, are there other domains on your server that are accessible via port 80?

-Eric

nowtech · December 27, 2014, 12:01am

When I try to use non-SSL Chrome just says the website might be down (Error code: ERR_CONNECTION_TIMED_OUT).

I do have another domain on my server that doesn’t use SSL, and I can’t connect to that one either. It seems like nothing is being allowed through port 80.

Eric · December 27, 2014, 5:50pm

Howdy,

Hmm, is your server perhaps behind a NAT router? If so, is it possible that port 80 isn’t being forwarded to your server?

Or is it possible that a firewall is blocking port 80? You can view your firewall rules by running the command “iptables -L -n”.

-Eric

nowtech · December 27, 2014, 6:31pm

I use pfSense and my NAT is set to let both port 80 and 443 through.

After running the command “iptables -L -n” it didn’t list anything, so im pretty sure it’s fine.

I don’t have much running on the server, so I might just re-install everything from scratch and see if in a few weeks the problem happens again.

nowtech · December 27, 2014, 10:21pm

So I figured out what the problem was, here is the issue:

Port 80 was the only port giving me problems, so I decided to contact my ISP (CIK/VMedia) and this is what they told me.

They closed 2 ports (80 and 23) temporarily because they were attacked and their end user home phone equipment was hacked via these ports due to firmware vulnerability.

They are going to e-mail us their plan of action to deal with their issues and restore access to those ports. Tentative date is Jan 2nd.

Until then, they are asking us to provide them with specific user accounts who need it unblocked ASAP and they will process them.

Send your account # to port80@vmedia.ca if you need that port opened by CIK before Jan 2nd.