-2

Last weekend our ORG pushed a major set of patches to our Redhat servers. One of our applications went down and we've had huge issues trying to connect to it from within the network or outside.

At the moment the primary issue is getting passed the:Failed to load resource: net::ERR_CONNECTION_REFUSED.

I'm confident at this point that the application itself is not erroring. Everything worked previously. We've rolled back the apache update that came along with the Redhat patches.

I need some steps to follow to isolate 'oddities'.

I've checked most of the common things: https://wiki.apache.org/hadoop/ConnectionRefused

We've rolled back ssl.conf files to working time periods, httpd.conf etc. Still no luck.

The external IP address used to access the server is 123.123.123.123 If I phpinfo(); from a file on that server it shows that the apache remote_addr is 123.123.123.124
Shouldn't they match?

output of iptables:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql state NEW,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            multiport dports mysql
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            tcp spt:mysql state ESTABLISHED
Cjust689
  • 1
  • 2

1 Answers1

1

Couldn't see where I can comment when it's not an answer since I am using my phone.

I am not an apache expert but I have an advice on how to troubleshooting this.

1st: since you use iptables, try to disable it and see what happens. The command is "service iptables stop".

2nd: are you using SElinux? If you don't know what it is - you probably use it. In order to check whether it's active or not use the command "getenforce" - if the output is enforcing it is active, if it's permissive or disabled it means that it doesn't work right now.

If it's enforcing, try (for troubleshooting purposes) to switch it off with the command "setenforce 0".

Try combining the two and see what happens. Both are security features so it is not recommended to work without them. If problem is solved by this you'll know where to look at, either disable the things or try and reconfigure them in order for everything to work.

Hope I helped and good luck

Tomer Schweid
  • 98