I'm running a t3.medium EC2 instance with Amazon Linux 2023, and I've got an elastic IP tied to it. My security group allows all IPv4 and IPv6 traffic for SSH, HTTP, and HTTPS. However, since earlier today, I can't access the instance over HTTPS (or HTTP) from the internet, although SSH is still working fine. If I tunnel my connection through SSH, I can see that the server is up and running. I haven't changed any settings on my VPC or security group in the last 12 hours. Does anyone have insights on why my HTTPS and HTTP traffic might suddenly be blocked while SSH continues to work? (I'm located in eu-west-3, if that helps.)
1 Answer
Try starting a tcpdump on the instance listening on ports 443 and 80 while you attempt to connect. If there's no network traffic arriving at those ports, it could be a security group or network access list issue. If traffic is seen, it might mean the instance isn't listening or has its own firewall settings blocking the requests.
Thanks for the suggestion! I found that firewalld was enabled after an update to Amazon Linux. That's likely what's blocking my HTTP/HTTPS traffic. At least I can disable it temporarily while I troubleshoot further!