At our hosting provider we have a server running Windows Server 2012 with IIS 8.0, via VMWare.
It hosts several web applications. In addition to that, FTP runs on port 21 on FileZilla Server.
Since August this year, seemingly at random, the server sometimes refuses the connection on port 80 and 443 (WSAECONNREFUSED). It does never refuse the connection on port 21.
To give an illustration of how random this is: It happened every day this week but it never happened the two weeks before that.
We can't find anything in the IIS logging. The only thing we can find is that when connecting through port 80 (or 443), even on the server itself on 127.0.0.1, it will usually work fine but sometimes WSAECONNREFUSED starts popping up right in between successful connections.
Both we and our hosting provider so far don't have a clue what is causing it, other than that it's suspicious that it's happening on the ports that IIS is using, but IIS or the Windows event log will never report anything.
Our hosting provider made a clone of this server on which we disabled most of the web applications. This clone exhibits the same behaviour, even at the same times.
A third server, which is entirely new (and runs Windows Server 2012 R2) does not show this behaviour. All three are on the same network.
After two months of searching we still haven't find anything. Any pointers are really appreciated, as these errors are a problem for both ourselves and our customers.
Related
My application does client authorization over WebSocket connection using ws#7 but after several minutes suddenly it gets disconnected with the error code 1006.
Interesting thing is it's working on AWS Windows Server instances but not on Azure instances or VMWare VMs. I assume there is some kind of configuration related to WebSockets should be handled before installing Node-based application but the main question is what I have to configure in order to move forward.
1006 error usually happens when there is a timeout. In the library you are using, the ws timeout is 30 seconds: https://github.com/websockets/ws/blob/4f293a8726092c75539287dd07358afaf151a2e5/lib/websocket.js
Check whether you are using a gateway or something in between the VM with a timeout less or equal than the ping interval that ws automatically does from the client.
You can usually can see this automatically generated ping messages in Firefox with the F12 tools in the network tab, these do not show up in Chrome nor in Edge but they happen as well:
I had similar problem with my Windows machine tryng to connect a server using Visual Studio Code. I have reset the routes, and reboot the machine, that solve the issue.
To reset use:
route -f
I have a debian 7.5 based Ubuntu server, apache 2.2.22.
It's a rather vanilla installed XAMP used as a basic web server.
It used to work fine and I have no idea why it stopped working suddenly (there was some maintenance today but it worked when I left it - I changed partition sizes with Gparted).
When I try to access a website from the server (tried with w3m) all is working OK, including PHP and MySQL access.
When I try to access the same host (using a domain) from the outside, the browser keeps loading for a long while, eventually (after few minutes) saying the page could not be loaded.
I made sure that ports are open and accessible with outside scanner.
So I'm sure the Apache is available (working from inside the network, websites loading from SSH using w3M and pinging)
I'm sure the server is connected to the web (I can use putty to SSH)
the host is resolving to the correct IP (but won't ping from outside, only inside)
The ports seems to be opened (scanned and got OK for port 80)
I'm not a professional IT, so If there is info I can add that could help just ask away.
would really appreciate any idea or direction.
Thanks!
I still suspect the UFW/iptables firewall is blocking all incoming connections... Please go through this article and double check
http://www.cyberciti.biz/faq/ubuntu-server-disable-firewall/
If you're sure that the firewall config is OK, please try packet capturing with Wireshark to see what's going on underneath.
http://www.youtube.com/watch?v=sOTCRqa8U9Y How to install
Thanks for the help,
Oddly enough - It just started working again after 12 hours of not working.
A friend of mine, an IT person just called to try and help, and he simply connected (5 mins after I tried) and said it's all working for him.
I tried, and it's working for me also.
Have no idea why it stopped working, and why it is working now.
I think it might be an ISP problem or a router issue... The server is in our offices so I guess it could be both. I just don't understand why SSH would work and HTTP wouldn't.
I have an issue that my idiot web host support team cannot solve, so here it is:
When I'm working on a site, and I'm uploading many files here and there (small files, most of them a few dozen lines at most, php and js files mostly, with some png and jpg files), after multiple uploads in a very short timeframe, the FTP chokes on me. It cuts me off with a "refused connection" error from the server end as if I am brute-force attacking the server, or trying to overload it. And then after 30 minutes or so it seems to work again.
I have a dedicated server with inmotion hosting (which I do NOT recommend, but that's another story - I have too many accounts to switch over), so I have access to all logs etc. if you want me to look.
Here's what I have as settings so far:
I have my own IP on the whitelist in the firewall.
FTP settings have maximum 2000 connections at a time (Which I am
nowhere near close to hitting - most of the accounts I manage
myself, without client access allowed)
Broken Compatibility ON
Idle time 15 mins
On regular port 21
regular FTP (not SFTP)
access to a sub-domain of a major domain
Anyhow this is very frustrating because I have to pause my web development work in the middle of an update. Restarting FTP on WHM doesn't seem to resolve it right away either - I just have to wait. However when I try to access the website directly through the browser, or use ping/traceroute commands to see if I can reach it, there's no problem - just the FTP is cut off.
The ftp server is configured for such a behavior. If you cannot change its configuration (or switch to another ftp server program on the server), you can't avoid that.
For example vsftpd has many such configuration switches.
Going to something else like scp or ssh should help
(I'm not sure that calling idiot your web support team can help you)
I have configured IIS 7.5 ftp service to use SSL. I have two environments (one for testing purposes, without ssl). When we activate SSL users can logon and list and get files maybe one time if there lucky, then the host (service?) becomes unreachable for some reason. I have no idea what happens or why the FTP "locks" it self. When the ftp is in the "locked" state i am still able to telnet the ftp service, but login do not work.
The test environment without SSL works perfectly and never locks itself. I have also tried turning off SSL on the production environment and that makes that environment work perfectly too.
So the problem must be with SSL (certificate is from versisign). Have someone experienced the same problem och now what can be the cause of this?
/ Tommy
See this document
Specifically these sections:
Using Windows Firewall with secure FTP over SSL (FTPS) traffic
More Information about Working with Firewalls
(At the bottom)
Within our office, we have a local server running DNS, for internal related "domains", (e.g. .internal, .office, .lan, .vpn, etc.). Randomly, only the hosts configured with those extensions will stop resolving on the Windows-based workstations. Sometimes it'll work for a couple weeks without issue on one machine, then suddenly stop working, or it'll happen on another 15 times per day. It's completely random for all workstations.
When troubleshooting, I have opened up a command prompt, and issued various nslookup commands for some of these hosts, and they resolve, however I've been told that nslookup uses different "libraries" for name resolution than other applications such as web browsers, email clients, etc.
The only solution thus far, is manually restarting the Windows DNS Client on each workstation when this happens. Issuing the ipconfig /flushdns command multiple times helps every now and then, but is not successful enough to even attempt before restarting the DNS Client.
I have tried two different DNS servers; BIND9, and Windows Server 2003 R2 DNS, and the behavior is the same.
We have a single Netgear JGS524 switch all workstations and servers are connected to within the office, and a Linksys SR224G switch in another department with workstations attached.
In this particular situation, it appears that Windows will randomly start using a secondary name server instead of the primary, even if the primary is available.
My solution: remove the secondary. This is not a great solution as it obviously will kill the whole name resolution if this single name server goes down, but given this network is small and name resolution isn't mission critical (read: it can go down for an hour), this solution is acceptable.