-2

Last weekend our ORG pushed a major set of patches to our Redhat servers. One of our applications went down and we've had huge issues trying to connect to it from within the network or outside.

At the moment the primary issue is getting passed the:Failed to load resource: net::ERR_CONNECTION_REFUSED.

I'm confident at this point that the application itself is not erroring. Everything worked previously. We've rolled back the apache update that came along with the Redhat patches.

I need some steps to follow to isolate 'oddities'.

I've checked most of the common things: https://wiki.apache.org/hadoop/ConnectionRefused

We've rolled back ssl.conf files to working time periods, httpd.conf etc. Still no luck.

The external IP address used to access the server is 123.123.123.123 If I phpinfo(); from a file on that server it shows that the apache remote_addr is 123.123.123.124
Shouldn't they match?

output of iptables:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql state NEW,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            multiport dports mysql
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            tcp spt:mysql state ESTABLISHED
Cjust689
  • 1
  • 2
  • I did a read through and while the error is the same and a lot of the information posted was very enlightening, I was unable to resolve the issue. – Cjust689 Jan 30 '17 at 14:27
  • Please show us what you learned. Show us the output of the various commands you used to determine that the process you are trying to connect to is running and listening on the IP address and port that you expect. – user9517 Jan 30 '17 at 15:47
  • @istheEnglishway unfrotunately I'm not on the IT unix team but a developer for the app having the issue. They've assured me ports are open and being listened to 80 and 443. I can have them output whatever may assist but unix is entirely foreign to me and I do not have direct access to the server. Any suggestions are appreciated. – Cjust689 Jan 30 '17 at 22:14
  • Unfortunately we can't help you. You need access to the system and suitable privilege/authority. You need to work with your IT department to get them to help you solve this issue. After all, that's part of their job. – user9517 Jan 31 '17 at 08:15

1 Answers1

1

Couldn't see where I can comment when it's not an answer since I am using my phone.

I am not an apache expert but I have an advice on how to troubleshooting this.

1st: since you use iptables, try to disable it and see what happens. The command is "service iptables stop".

2nd: are you using SElinux? If you don't know what it is - you probably use it. In order to check whether it's active or not use the command "getenforce" - if the output is enforcing it is active, if it's permissive or disabled it means that it doesn't work right now.

If it's enforcing, try (for troubleshooting purposes) to switch it off with the command "setenforce 0".

Try combining the two and see what happens. Both are security features so it is not recommended to work without them. If problem is solved by this you'll know where to look at, either disable the things or try and reconfigure them in order for everything to work.

Hope I helped and good luck

Tomer Schweid
  • 98
  • 1
  • 1
  • 6