On August 21, my Yunohost server, which I keep in my house, started warning we that port 80 was inaccessible from the Internet. None of my sites use port 80, so everything kept working, but I was concerned because I knew that my Let’s Encrypt certificate would fail to automatically renew if I didn’t fix the problem. Canyouseeme.org confirmed that the port was inaccessible. Today, with this evening’s diagnostic report, my server’s warning was gone and Canyouseeme.org confirms that the port is accessible again. I’m pleasantly surprised, but baffled.

Has anyone else run into a similar problem? I am on a residential FiOS connection.

  • vividspecter@lemm.eeEnglish
    6·
    10 months ago

    As an aside, if you use DNS challenge you don’t even need port 80 open at all for your certificates to be verified.

    • CrimeDad@lemmy.crimedad.workOPEnglish
      1·
      10 months ago

      Yes, I was going to attempt it this week, but hopefully I’m in the clear. With Yunohost the http challenge for renewal is done automatically, but apparently the DNS challenge is a manual process. It wouldn’t be the end of the world, but I just like having nice things.

      • SteveTech@programming.devEnglish
        1·
        10 months ago

        It’s not an ideal solution, but this guy did the renewal using certbot and just linked the certificate into yunohost for DNS renewal.

  • chiisana@lemmy.chiisana.netEnglish
    4·
    10 months ago

    Sounds like something ISP is doing… residential lines tends to have common ports blocked, it may be a good idea to check your terms of service to verify if they permit running servers on the subscribed service.

    • CrimeDad@lemmy.crimedad.workOPEnglish
      3·
      10 months ago

      From the TOS:

      You may not knowingly or unknowingly exceed the bandwidth usage limitations that we may establish from time to time for the Services, or knowingly or unknowingly use the Services to host any type of server or commercial network or subnetwork.

      Lol I guess not then! I would think that many customers violate this rule because many consumer products contain some type of server.

      • stown@sedd.itEnglish
        1·
        10 months ago

        Plenty of multiplayer games need to run a server so you can play with your friends, not always cloud based. Would Verizon require a business class account to host a multiplayer session for Halo on your Xbox?

  • lando55@lemmy.worldEnglish
    3·
    10 months ago

    Some questions come to mind:

    1. Do you have a static IP address from your ISP?

    2. Dynamic DNS?

    3. Have you verified the listening service is a box you own?

    4. Is there a reverse proxy set up?

    5. Checked the edge router logs to see if it rebooted recently and reloaded firewall rules?

    6. What else sits between your router and the listening server?

    This could be any number of things, maybe this will help point you in the right direction.