This covers common troubleshooting for when the site cannot be reached.
Step-by-step guide
- Check the site to see if there is an error message
- If there was a deployment recently in Slack, try rolling back the deployment.
- If you see an error about SSL certificates go to the SSL section below
- If there is no message at all, you may have a firewall error
- Go to AWS and check the EC2 page
- Select the app box
- In the Description tab at the bottom of the page check the Security Groups
- It should have CHF-Access-Web (staging) or Public-Access-Web (production)
- If it does not, select the box, go to Actions→Networking→Change Security Groups and add the group for a quick fix
- Then go to your machine with Ansible and check the variables for the security groups to be automatically applied
- The file to check will be app_TIER_override as app's security groups always differ from the other machines
- Make sure the box has the Management-Access group and the Temp and internal networking groups for its tier as well as the Access-Web group above
- Save edits, commit the changes and push them. This will put them in the automatic updates to avoid the problem in the future
- If there is an Apache error follow the rest of the guide
- SSH into the app box(es) you wish to check
- Check
/opt/sufia-project/current/log/production.log for Sufia errors that might explain the problem - If no problems appear there, check
/var/log/apache2/error.log or /var/log/apache2/other_vhosts_access.log to find errors or access requests - If the problem appears to be a Passenger error or an Apache error, try a quick
sudo service apache2 restart to fix things. Apache restarts also restart Passenger- If Apache does not restart, check the apache error.log for the details
...
- Check the expiration date on the SSL certificate
- If expired check the crontab for certbot
- Try running certbot manually
- Check the apache config file
/etc/apache2/sites-enabled/sufia-project_ssl.conf to make sure that the name of the file points to a soft link that has the most up to date version of the certificate file.
Related articles
| Filter by label (Content by label) |
|---|
| showLabels | false |
|---|
| max | 5 |
|---|
| spaces | com.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@4168b58 |
|---|
| showSpace | false |
|---|
| sort | modified |
|---|
| reverse | true |
|---|
| type | page |
|---|
| cql | label in ( "firewall" , "apache" , "rails" ) and type = "page" and space = "HDCSD" |
|---|
| labels | Apache Rails Firewall |
|---|
|
...