RetroPie forum home
    • Recent
    • Tags
    • Popular
    • Home
    • Docs
    • Register
    • Login
    Please do not post a support request without first reading and following the advice in https://retropie.org.uk/forum/topic/3/read-this-first

    Trouble accessing the website

    Scheduled Pinned Locked Moved
    Help and Support
    website
    3
    7
    430
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • RiverstormR
      Riverstorm
      last edited by Riverstorm

      @admins - I was wondering would you know if there's any reason traffic would be blocked to 443 from 206.x.x.x?

      I can ping & pathping to the website. I can also traceroute to the website IP at mythic-beasts.com. I can see two trusted and one non-CA certificate. I tried GnuTLS but can't get a connection on 443. I also tried nmap.

      Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-23 19:03 Central Daylight Time
Nmap scan report for retropie.org.uk (93.93.129.253)
Host is up (0.12s latency).

PORT    STATE SERVICE
80/tcp open  http

Nmap done: 1 IP address (1 host up) scanned in 0.63 seconds

      Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-23 19:04 Central Daylight Time
Nmap scan report for retropie.org.uk (93.93.129.253)
Host is up (0.12s latency).

PORT    STATE SERVICE
443/tcp filtered  https

Nmap done: 1 IP address (1 host up) scanned in 0.26 seconds

      You can see it shows 80 open but 443 is filtered which is difficult to determine if it's upstream or at the source. We do have a fairly complex DDN with a whole lot of layers but everything looks good on this end. I see the traffic leaving the firewall but sometime around Thursday evening it just stopped and hasn't worked since. I thought I would ask if the the subnet is getting filtered on your end with a security tool by chance or do I need to keep searching upstream somewhere?

      I appreciate any help as I am stumped as to what's happening.

      BuZzB 1 Reply Last reply Reply Quote 0
      • RiverstormR
        Riverstorm
        last edited by

        @admins - I'm not sure if you corrected something but everything is working today. Sometime between Monday and today something changed back. I didn't have much time yesterday so I'm not exactly sure which day it started working unless it was some carrier issue on the transatlantic links to get across the pond.

        I did a lot of probing and testing throughout the weekend to no end. Looking at layer 3 everything was routing perfectly end-to-end. At layer 4, the transport layer, I could see roughly 8 ports open. Standard stuff that all sites have open. http/80 for redirect, https/443, smtp/25, ftp/21, and other miscellaneous ports for administration. Anyway the only port I could not make an active connection on was 443 which was the oddest thing since 80 was fine.

        Anyway thanks a bunch, I really appreciate it, as this site is an invaluable resource of information for retro-gaming.

        1 Reply Last reply Reply Quote 0
        • G
          grant2258 Banned
          last edited by

          The sites been fine for me for what its worth

          1 Reply Last reply Reply Quote 0
          • RiverstormR
            Riverstorm
            last edited by Riverstorm

            @grant2258 - Hey, yeah I knew the site was up because I could access it from my phone ok. I sat a device outside the DMZ to eliminate any firewall snafu's as our content filtering uses Active Directory global groups with LDAP integration. Plus port blocking, subnet filtering, geo-ip blocking, IDS, IPS, application layer filtering, DNS filtering, virus scan, etc., etc. blah, blah, so it creates a complicated mess sometimes when trying to track outbound/inbound traffic issues.

            Routing is pretty much layer 3 and ports belong to layer 4 (or 3.5 as some will argue ;) and are a little harder to track issues of who's filtering. I mostly think of routing as on/off type working once you have routing protocols in place like OSPF, ring failovers, etc. routing is a snap. It's like being kind of pregnant, either you are or aren't! :) The tracert or ping will get there and if not check your routes before going up the OSI stack to another layer.

            I honestly don't know where the issue was except that it was upstream from me somewhere "filtering" port 443 only which is pretty much what all web servers use which is basically HTTP encrypted with SSL or TLS. It was an odd one being 443 but not 80 and lasted roughly 5 days.

            I really appreciate the feedback and everything seems to be working ok now.

            1 Reply Last reply Reply Quote 0
            • RiverstormR
              Riverstorm
              last edited by

              A weird story is there's a site called albumartexchange that I've downloaded album covers from for years. Every now and then when I would rip a CD and download the cover. Sometimes several CD's in a week and other times not for months.

              In the beginning the site didn't require a username and password. Then several years ago you had to create an account to download an album cover without their watermark on it which was fine.

              I had used it that way for years and years. Then a few months ago the site was blocked completely. So I left it for the night figuring it was down for maintenance or whatever. Then 1 day turned into 2, then 3 and 4. So I used a website that will tell if other websites are down. It turned out it was up.

              So I tried my cell phone...blocked, home ISP...blocked. Everything in this area was blocked. So I found who the domain was registered to and sent an email asking if some of these subnets had been blocked by accident. It's wasn't one or two but the whole area.

              I never heard anything back after a few days so I started googling blocks to his website, since google indexes the entire world it seems, and it turns out this guy is a heavy handed fanatic that blocks whole countries. Some of his thread conversations almost seem psychotic. He even blocked that entire UK at one point for quite a while because he accused users of "stealing" his album covers and using them on other sites. He's got quite a reputation on Reddit, Steve Hoffman music forums and a bunch of other large forums.

              From what I understand he says he has made deals with record labels to allow others to download his covers and he is only protecting them from abuse. It seems like a colossal waste of time when you can get many of the same covers from other legitimate sources. Albeit they do have a huge database that with a great selection.

              I had an account for years. I had never posted in their forums, not even once, so I know I hadn't offended anyone. I can't contribute much in the way of covers because the Photoshop guys doing the covers are way beyond my abilities and they only want the highest quality covers. So I'm at a complete loss as to why.

              Anyway I tried a few proxies and bounced off of France and to get to his site but even those get shut down quickly as he must monitor and block exit nodes. It seems this guy must spend a lot of time monitoring and blocking people as this entire region is completely blacked out with zero idea why. It seems many people get blocked and have no idea why.

              I had no idea so much was going behind the scenes and all the controversy with a website of album covers. =/

              1 Reply Last reply Reply Quote 0
              • BuZzB
                BuZz administrators @Riverstorm
                last edited by BuZz

                @Riverstorm you can get temporarily firewalled for making too many connections to the forum. Make sure you don't open a browser with lots of tabs set to this site. It's hard to trigger with normal browsing and checking the logs I can see you did many backend requests together for different topics.

                To help us help you - please make sure you read the sticky topics before posting - https://retropie.org.uk/forum/topic/3/read-this-first

                1 Reply Last reply Reply Quote 0
                • RiverstormR
                  Riverstorm
                  last edited by

                  @BuZz - Ah, thanks a bunch, that makes perfect sense. I usually use Chrome and when I open my browser I go to the history and reopen several tabs at once. RetroPie is one of the main sites I visit and I usually have multiple topics open for reading and reference. I'll be sure to keep it down to a few tabs.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post

                  Contributions to the project are always appreciated, so if you would like to support us with a donation you can do so here.

                  Hosting provided by Mythic-Beasts. See the Hosting Information page for more information.