I started a Ghost blog on Google's Compute Engine following this guide here. I have enabled both HTTP and HTTPS traffic.
The issue is the famous "This site can't be reached ... unexpectedly closed the connection."
A few of my friends have reported the issue with accessing the blog through their wifi, but no issues with 4G on their phones. I am able to reproduce the issue through my VPN, NordVPN. If I access the external IP address directly, I am able to get to the Nginx welcome page.
Are there firewall changes I need to make to allow these connections? I don't see why I am able to access it just fine on my wifi and they are not able to. Thank you for your help!
Machine type: f1-micro (1 vCPU, 0.6 GB memory)
CPU platform: Intel Haswell
Zone: us-east1-b
gcloud compute firewall-rules list on the instance results in the below:
Thank you everyone for digging into this. This is a rookie mistake on my part. Godaddy came with 4 "#" records in my DNS and I only changed one of them to point to my external IP. Once I deleted the other 3 "#" records, everything worked just fine.
Related
Over the years, I used No-IP to link a domain to my IP address, and then used No-IP's DUC (Dynamic Update Client) to update my IP, so that the domain will always point to my IP.
That's very handy for running dedicated game servers.
Is there a DUC-equivalent for Google Cloud DNS?
In essence - No - there isn't :(
Unless yo're using Google Domains for your domain hosting then yes - they support just the thing.
Cloud DNS doesn't have that functionality. There are several workarounds like reserving a public IP for your VM which in my opinion would be the best way to do it. Unless your VM get's deployed using Deployment Manager then it may require some more scripting.
Similar questions have been raised on Stackoverflow here and here which you might find helpful.
If you're running Linux here you'll find a complete script how to update DNS records after a machine startup.
I wanna use oVirt engine 3.6 in my Internet connectionless network. I installed oVirt with yum over internet. After that I tried to work offline. When I go offline Web Interface it still works fine. But I connected it to my local netowork Interface starts not to respond. I check POST/GET requests that made by it and I see it stuck on request/respond to/from GenericApiGWTService. For example, normally time between request and respond takes 1 to 600ms but when I connect it to local network it take up to 300.000ms second and eventually it fails. I use CentOS 7 x86_64. I couldn't figure out what is it cause to that.
I fix the problem by;
Use another IP from different address group then the one you use for
internet connection. Example: I used 192.168.1.10 for internet
connection. When I connect pc to local I changed it to 192.168.2.10
Delete all Gateway and DNS IPs.
Then it works fine.
I was trying to study the HTTP(s) requests/response that the apps from my phone are sending so this is what I went ahead and created.
I turned my Raspberry Pi as an access point with 2 wifi usb dongles. One for my phone to connect to the "TEST" network and the second connected to the internet. Everything works fine and my phone is able to access internet via my RPi.
Now I setup MITMproxy (in transparent mode) so that I can sniff the traffic to-from from my phone apps. I installed the mitmproxy certificate on the phone and the traffic shows up fine on the mitmproxy console.
Final step - To make the web traffic data analysis part easier I found on the net that Paros Proxy might be able to help (show the traffic from mitmproxy) in a more readable way. - THIS IS NOT HAPPENING
I am assuming there is some setup required for ParosProxy so that it can be linked to mimtProxy / network interfaces which I am not able to achieve. Can any one please help with this?
ParosProxy dashboard doesnt show any traffic. As far as the settings (Tool->Options) the default settings are there i.e. for local proxy (host = localhost and port = 8080). I couldnt find much documentation about ParosProxy on the web.
My network interfaces on the RPi is as follows :
wlan0 (connected to internet) - DHCP
wlan1 (Access Point to which the phone apps connect to) - static IP (gateway 192.168.10.1)
Just in case there is some other tool that could help me achieve the same (a GUI/better dashboard to analyse mitmproxy traffic in real time) I am pretty open for it.
Yes there is a better option: OWASP ZAP https://www.owasp.org/index.php/ZAP :)
It was forked from Paros ~ 5 years ago, is very actively maintained and pretty well documented.
See https://github.com/zaproxy/zaproxy for links to the online user guide, FAQ user and developer groups.
FYI we have info on how to get ZAP runnin on a Pi: https://github.com/zaproxy/zaproxy/wiki/zappi but that doesnt include setting up wiki access - it would be great if we could update that page with the necessary steps :)
Simon (ZAP project lead)
I'm trying to setup a Squid server on a virtual machine, and there will be another machine which will be connecting to the internet via Squid server. The problem is I couldn't find out how to get traffic with Squid server. I've read that port-forwarding is the way to go, and searched for it. Still, no examples/answers about that matter. I've wrote the rules for Squid, and tested it. It's not catching the traffic, at any level. Anything will help me out of this.
Thanks in advance.
I wrote a post about this a number of years ago to do something very similar - you can read about it here: http://ashleyangell.com/2009/03/configuring-a-basic-reverse-proxy-in-squid-on-windows-website-accelerator/
We are currently encountering the following error when trying to connect to a Cloud SQL instance: Lost connection to MySQL server at 'reading initial communication packet', system error: 0.
This is a familiar error, and as detailed here usually means the IP address needs to be whitelisted. However, we believe we have done so.
Is there a way to see connection attempts and their IP addresses that have been made (and refused) to the Cloud SQL instance?
Currently we don't expose that information but it is something we would like fix. :-)
According to #Razvan, as of September 2014, this information isn't exposed.
We ended up using CIDR blocks to search the space and find the actual IP address. This is unsatisfying, obviously, but it's a way to pin down the problem.
If other people want to sanity check that the problem is their IP is being refused, you can add 0.0.0.0/0 in order to accept all ranges and try to connect. If it works, you know what is the problem.
Be absolutely sure to remove this as an accepted range, after you are done, however!
Figured I might help someone who stumbles here.
Had exactly the same issue essentially trying to connect to a GCP SQL instance from a hosting provider.
Whitelist the IP address that is shown in my cpanel and it will not connect. (It used to, but the provider made some changes with their infrastructure lately and it stopped working)
put 0.0.0.0/0 in my Cloud Platform whitelist and it connects no problem.
So now I know that my cpanel IP is not the IP trying to connect to GCP.
After some hair pulling (figured that the bare metal server had a different IP than my cpanel IP, it did, but this also didn't work.)
finally tried the IP address for the name servers that point to my domain and bam. All is good.
If you are facing this issue, try your name server (usually something like NS1.hostingprovider.com etc..). I put both the NS1 and NS2 ip's in the whitelist and we are working fine.