Why does CURL show that the EC2 instance is serving files but cannot access it via Public IP? - amazon-web-services

I have been trying to get a React/Node application deploying on AWS EC2 using NGINX but can't seem to get the public DNS to load anything.
However, when I curl localhost and the port that I am running my Node app on curl localhost:3001, it seems to output what I am expecting. But I figured at least my static files should load when I hit the public DNS.
I have attached my conf file here. From my understanding, this should serve the static file at the root. I have also attached my inbound rules with HTTP port and TCP port for my backend being open.
Thanks for any guidance.
/etc/nginx/conf.d/default.conf
server {
#listen​ 80;
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
access_log /home/ubuntu/client/server_logs/host.access.log main;
location / {
root /home/ubuntu/client/deploy;
index index.html index.htm;
try_files $uri /index.html;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
server_tokens off;
location ~ /\.ht {
deny all;
}
}
Here are my security rules


You need to check the communication between the nginx and your application. Before that try to curl localhost:80. If this returns the nginx page then atleast with the public DNS, this page must be loaded. If not run sudo service nginx status and check.
On the other hand, are you using load balancer with your setup?
The connection has timed out could also be due to wrong port address being requested too.

Related

EC2 instance accessible through elastic IP but shows Nginx home page while using domain route 53

So, I was doing a guided project building a django based website. Upon its completion I deployed it on AWS using EC2 instance uing nginx and gunicorn using this guide. I assigned an elastic IP to the instance and used route53 to use a domain name to access the website. Now the website is accessible through the elastic IP which is mentioned in my nginx proxy pass file to gunicorn but the nginx homepage opens up while using the domain name.
Nginx Proxy Code:
server {
listen 80;
server_name 15.206.3.159;
location = /favicon.ico { access_log off; log_not_found off; }
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}}
My route 53 settings are:
Route 53 settings
The nameservers were successfully added to the domain.
The page that shows up on visiting through domain name:
on visiting domain
Could anyone help me with what exactly is going wrong here?

Add domain name in server name directive.
server {
listen 80;
server_name 15.206.3.159 lordpasta.tech;
location = /favicon.ico { access_log off; log_not_found off; }
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}}
--
http to https redirection in the site -
ab#13 /tmp % curl -sI http://lordpasta.tech
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 23 Sep 2022 07:17:14 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://lordpasta.tech/

Route 53 isn't letting me access to the ec2 instance through the application load balancer

I built a rails app in ec2 instance and deployed using route 53.
Currently I succeeded in associating the instance with the domain provided by amazon.
I can access to the page with the domain name.
However, once I create a record and associate the domain to the alb, I'm no longer able to access to the page.
I'm doing it to make the https access available.
I checked the things below.
Target group succeeds health check
Typing the DNS name of ALB works with both http and https
The record on route53 shows the DNS name above
The security group used for the ALB allows all the access
regardless of either http or https
listener is configured for both http and https
I also checked the article below
Unable to Access HTTPs in AWS Application Load Balancer EC2 Instance
I have no idea of what else to check after all.
Please help me.
I've been working on this the whole day...
Here's my config files
ruby_gems_bootcamp.conf(for nginx)
;; Query time: 6 msec
# log directory
error_log /var/www/rails/ruby-gems-bootcamp/log/nginx.error.log;
access_log /var/www/rails/ruby-gems-bootcamp/log/nginx.access.log;
# max body size
client_max_body_size 2G;
upstream app_server {
# for unix domain socket setups
server unix:/var/www/rails/ruby-gems-bootcamp/tmp/sockets/.unicorn.sock fail_timeout=0;
}
server {
listen 80;
server_name 54.248.194.243
# nginx so increasing this is generally safe ...
keepalive_timeout 5;
# path for static files
root /var/www/rails/ruby-gems-bootcamp/public;
# page cache loading
try_files $uri/index.html $uri.html $uri #app;
location #app {
# http headers
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
# referring upstream app_server
proxy_pass http://app_server;
}
# Rails error pages
error_page 500 502 503 504 /500.html;
location = /500.html {
root /var/www/rails/ruby-gems-bootcamp/public;
}
}
nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
listen [::]:80;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
route53 configuration

AWS Application Load Balancer - https not working properly

I have a web application developed with React JS, for server side rendering, I am using NodeJS. Following is the overall architecture -
Deployed React JS app on EC2 - Ubuntu 18.04 with Nginx
Obtained SSL from AWS ACM
Attached ALB to EC2 instance, added 2 listeners - PORT 80, PORT 443 (Forwarding request to target group on PORT 80)
Added A record on Godaddy with EC2 elastic IP, added CNAME record www pointing to ALB
Following is my nginx config file -
server {
server_name mydomain.ai;
return 301 https://www.mydomain.ai$request_uri;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
#server_name www.mydomain.ai;
if ($host !~ ^www\.) {
rewrite ^ https://$host$request_uri permanent;
}
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name _;
location /error {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:8000;
}
location /aws/ {
try_files $uri $uri/ /aws/aws.html;
}
}
server {
listen *:443 default_server;
server_name mydomain.ai www.mydomain.ai;
if ($host !~ ^www\.) {
rewrite ^ https://$host$request_uri permanent;
}
location / {
proxy_hide_header 'Access-Control-Allow-Origin';
add_header 'Access-Control-Allow-Origin' "*" always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
proxy_pass https://localhost:8000;
proxy_http_version 1.1;
}
}
When I type https://mydomain.ai it throws "ERR_SSL_PROTOCOL_ERROR", however following cases are working fine -
mydomain.ai //redirected to https://www.mydomain.ai
http://mydomain.ai //redirected to https://www.mydomain.ai
http://www.mydomain.ai //redirected to https://www.mydomain.ai
Can anyone please help me?

I think you forgot to attach the procured certificate to ALB.
It can be done from AWS console by following the steps mentioned:
https://aws.amazon.com/premiumsupport/knowledge-center/associate-acm-certificate-alb-nlb/

Nginx Django after add SSL get too many redirects error

Fist of all sorry for my bad english.
I'm having a problem configuring LetsEncrypt in my webapp, i make it work now i can access using https://www.myproject.com but if i try to use www.myproject.com, myproject.com or even https://myproject.com without the www i always get the error ERR_TOO_MANY_REDIRECTS.
This is my nginx config in /etc/nginx/sites-available/myproject
server {
listen 80;
listen [::]:80;
server_name myproject.com www.myproject.com;
return 301 https://$server_name$request_uri;
}
server {
# SSL configuration
listen 443 ssl http2;
listen [::]:443 ssl http2;
include snippets/ssl-myproject.com.conf;
include snippets/ssl-params.conf;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/user;
}
location /media/ {
root /home/user;
}
location /.well-known {
alias /home/user/myproject/.well-known;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/user/myproject.sock;
}
}
I check a lot of questions like mine but in php projects try the solutions but still not found one to solve my problem.
if helps i have to say that i have cloudflare free configure for my domain
Thanks!
FIX: If you use cloudflare in your web when you install SSL certificates have to put the SSL cloudflare configuration in Full or Full(strict).

Route53 routing issue DNS address could not be found

Hello I have two domains registered on Route53, www.sample.com and sample.com
Right now www.sample.com's A record is pointing to an elastic ip that is bound to an EC2 (Using Django + Gunicorn + Nginx). www.sample.com website works perfectly fine so I try to reroute sample.com's A record to the same ip, but I keep getting the issue DNS address could not be found. Anyone know why?
Do I have to change the nginx configuration file to be listening to sample.com as well?
Here is the configuration file
server {
listen 80;
server_name www.sample.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name www.sample.com
# add Strict-Transport-Security to prevent man in the middle attacks
add_header Strict-Transport-Security "max-age=31536000";
ssl_certificate /etc/nginx/ssl/sample_com/ssl-bundle.crt;
ssl_certificate_key /etc/nginx/ssl/sample_com/sample_com.key;
# side note: only use TLS since SSLv2 and SSLv3 have had recent vulnerabilities
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
root /home/ubuntu/sample_Landing_page/;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
alias /home/ubuntu/sample_Landing_page/static/static_root/;
expires 365d;
}
location / {
include proxy_params;
proxy_pass
http://unix:/home/ubuntu/sample_Landing_page/sample_Landing.sock;
}
}