Digitalocean err_connection_refused - Fix it Now ?

Digitalocean err_connection_refused generally happens as a result of a missing log file or firewall blocks.

Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to perform related DigitalOcean queries.

Nature of Digitalocean err_connection_refused

Recently one of our customers went ahead to power off the droplet to do a snapshot. However, while accessing the site, he came across:


Initially, we check the power-up state using the Digitalocean dashboard. In addition, we use the Digitalocean console to check the boot messages.

Then we check the status of the Nginx service:

# service nginx status

We also try to restart the Nginx service:

# service nginx restart

At times, we may receive the error:

*Restarting nginx nginx [fail]

To check the Nginx configuration, we execute:

$ sudo nginx -t

Then we will receive:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx [emerg] open() “/var/log/nginx/mysitename/access.log” failed (2: No such file or directory)
nginx: configuration file /etc/nginx/nginx.conf test failed

The main cause of this SSH Connection refused in DigitalOcean error can be:

  • A missing log file.
  • Firewall blocking the connection.
  • Service listening on localhost.

How to fix Digitalocean err_connection_refused error ?

1. Create an empty log file.

To do so, we login to the server as root and execute:

# touch /var/log/nginx/mysitename/access.log

If it fails, the intervening directory will not be present.

We create and change ownership and permissions for Nginx to use:

# mkdir -p /var/log/nginx/mysitename

To set the correct ownership and permissions, we use chown and chmod commands.

2. Check whether we can access the site from the server using curl or wget.

We need to open ports 80 and 443 in the firewall. In addition, we set it in the Nginx configuration file.

Initially, we check the status of port 443 in the server using the netstat command:

netstat -plan | grep :443

On finding it closed, we open port 443 in the firewall. Make note that different firewalls follow different commands to open a port.

For instance, to open port 443 in iptables, we use:

iptables -A INPUT -p tcp –dport 443 -j ACCEPT

Similarly, in the CentOS server, to open port in firewalld, we use:

firewall-cmd –permanent –zone=public –add-port=443/tcp

Next, we edit the Nginx configuration file /etc/nginx/nginx.conf and add:

listen 443 ssl http/2 default_server;
listen [::]:80 default_server;

It will add 443 as the listening port in the Nginx server and enables HTTPS connections.

Finally, when Nginx listens on port 443, it will look like this:

[root@xxx ~]# netstat -lpan | grep :443
tcp 0 0 1xx.2x.111.23:443* LISTEN 11978/nginx
tcp 0 0 1xx.2x.111.22:443* LISTEN 11978/nginx
tcp 0 0 1xx.2x.111.19:443* LISTEN 11978/nginx

We ensure that the service listens on instead of (localhost). We can set it in /etc/nginx/nginx.conf file.

[Need help with fixing Linux related errors? We'd be happy to assist. ]


This article covers methods to resolve DigitalOcean error. SSH service uses sshd daemon to listen to the incoming connections and handles user authentication, terminal connections, and many more. If this service crashes, the connection fails, and results in SSH Connection refused error in DigitalOcean servers.

To fix this error, start by identifying and researching on the root cause of service failures. 

The reasons can be traffic impales, disk errors, resource breakdowns, DDoS attacks, and many more.

Sometimes the backend service fails or doesn't respond. 

In this case, we kill the dead process and restart the service. 

For example, In CentOS 7 droplet, we restart the SSH service using the below command:

$ systemctl restart sshd