-1

I have an odd scenario and I'm stumped. I set up a Linux Ubuntu VPS and installed nginx, just to serve web files. I'm not using it as a reverse proxy or any kind of load balancer.

I purchased a domain, and created two A records: @ and www which map to my server's IPv4 address.

When I ping my domain name (e.g. typing ping mydomain.example into cmd), I get the correct IP address responding. If I connect from my client browser to the server by entering the IP address directly, the nginx welcome page loads, so the web server is running and doing its job. However, if I try to navigate to mydomain.example or www.mydomain.example, the browser times.

I have done this config before but using Tomcat and Apache. Is there something within nginx that I need to configure in order to get it to serve content when the domain is navigated to? I configured the server block and set the server_name to mydomain.example. I've followed many tutorials but can't figure out why it's not connecting.

I thought it was a browser issue but the connection times out on both Chrome and Firefox. Any ideas what I can check to troubleshoot this further?

Patrick Mevzek
  • 10,995
  • 16
  • 38
  • 54
Sabien
  • 219
  • 2
  • 16
  • `ping` is not the correct way to troubleshoot DNS problems, you should use `dig` or the inferior `nslookup` if not possible otherwise. Also your question is not related to programming, hence would be more on topic as is on [sf] or [su] – Patrick Mevzek Apr 08 '19 at 22:17
  • @PatrickMevzek How can I move this question? – Sabien Apr 08 '19 at 22:23

1 Answers1

0

So after spending a lot more time and testing, I found out that the reason it was not working is because my domain is a .dev TLD, recently purchased from Google. Apparently these domains require the use of SSL.

I used certbot and installed a SSL certificate on my server and it started working immediately. I wish there was a notice when I purchased that domain that it only works on SSL. Would have saved me a few days.

Sabien
  • 219
  • 2
  • 16
  • `.DEV` was NOT recently purchased by Google. ICANN opened new TLDs in 2012, Google applied for .DEV (among others) and got it. It launched recently, and indeed Google mandates all registrars to specifically warn that you need to buy an X.509 certificate (SSL died 20 years ago) because `.DEV` in on the HSTS preloading list. See my other answere here: https://stackoverflow.com/a/50258651/6368697 for further explanations (it was for `.APP` but this is another Google TLDs, and they manage all their new ones with the same set of restrictions and guidelines) – Patrick Mevzek Apr 08 '19 at 22:23
  • @PatrickMevzek I didn't say anything about Google recently purchasing .dev. I said that I recently purchased the domain FROM Google. Google is my registrar and I purchased the domain from them recently, and I've never used a .dev domain before so I didn't think that .dev would matter in my "badly obfuscated" example. – Sabien Apr 08 '19 at 22:27
  • 1) sorry that I parsed your sentence differently. In fact Google is the **registry** of the .DEV TLD, you will get the same requirement (that you need a certificate) through any registrar (or at least that is what Google the registry mandates to all its registrars) and 2) in case of doubts regarding obfuscation, give more data than less. If anyone believes the real data is useless he can obfuscate it, but once you obfuscate for everyone, noone can de-obfuscate, the information is lost forever. And your case show why at least having the TLD makes the answer far faster/simpler. – Patrick Mevzek Apr 08 '19 at 22:35