Digitalocean err_connection_refused generally happens as a result of a missing log file or firewall blocks.
Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to perform related DigitalOcean queries.
Nature of Digitalocean err_connection_refused
Recently one of our customers went ahead to power off the droplet to do a snapshot. However, while accessing the site, he came across:
Initially, we check the power-up state using the Digitalocean dashboard. In addition, we use the Digitalocean console to check the boot messages.
Then we check the status of the Nginx service:
# service nginx status
We also try to restart the Nginx service:
# service nginx restart
At times, we may receive the error:
*Restarting nginx nginx [fail]
To check the Nginx configuration, we execute:
$ sudo nginx -t
Then we will receive:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx [emerg] open() “/var/log/nginx/mysitename/access.log” failed (2: No such file or directory)
nginx: configuration file /etc/nginx/nginx.conf test failed
The main cause of this SSH Connection refused in DigitalOcean error can be:
- A missing log file.
- Firewall blocking the connection.
- Service listening on localhost.
How to fix Digitalocean err_connection_refused error ?
1. Create an empty log file.
To do so, we login to the server as root and execute:
# touch /var/log/nginx/mysitename/access.log
If it fails, the intervening directory will not be present.
We create and change ownership and permissions for Nginx to use:
# mkdir -p /var/log/nginx/mysitename
To set the correct ownership and permissions, we use chown and chmod commands.
2. Check whether we can access the site from the server using curl or wget.
We need to open ports 80 and 443 in the firewall. In addition, we set it in the Nginx configuration file.
Initially, we check the status of port 443 in the server using the netstat command:
netstat -plan | grep :443
On finding it closed, we open port 443 in the firewall. Make note that different firewalls follow different commands to open a port.
For instance, to open port 443 in iptables, we use:
iptables -A INPUT -p tcp –dport 443 -j ACCEPT
Similarly, in the CentOS server, to open port in firewalld, we use:
firewall-cmd –permanent –zone=public –add-port=443/tcp
Next, we edit the Nginx configuration file /etc/nginx/nginx.conf and add:
listen 443 ssl http/2 default_server;
listen [::]:80 default_server;
It will add 443 as the listening port in the Nginx server and enables HTTPS connections.
Finally, when Nginx listens on port 443, it will look like this:
[root@xxx ~]# netstat -lpan | grep :443
tcp 0 0 1xx.2x.111.23:443 0.0.0.0:* LISTEN 11978/nginx
tcp 0 0 1xx.2x.111.22:443 0.0.0.0:* LISTEN 11978/nginx
tcp 0 0 1xx.2x.111.19:443 0.0.0.0:* LISTEN 11978/nginx
We ensure that the service listens on 0.0.0.0 instead of 127.0.0.1 (localhost). We can set it in /etc/nginx/nginx.conf file.
[Need help with fixing Linux related errors? We'd be happy to assist. ]