Wordpress local loopback

amsiato · January 8, 2021, 5:46pm

Hello,

I just discovered Hestia-CP and I find it great, kudos to everyone involved in the development, I decided to use it to self-host my websites at home, everything is working pretty smoothly so far.

However I am having some issues with Wordpress, which is not able to complete a local loopback request once configured, thus meaning that the rest API can’t work.

I would normally on a regular machine just add the domain in the hosts file to resolve on 127.0.0.1 to fix that, but I assumed hestia-cp would do that automatically?

In that case after testing I realised that I can’t curl https://localhost or https://127.0.0.1 as it returns “curl: (7) Failed to connect to 127.0.0.1 port 443: Connection refused”, I guess I am missing something obvious but why does it do that? I have the default firewall config which allows 0.0.0.0/0 on this port.

For now I fixed the issue by resolving the domain on the local IP of the machine in the hosts file, but I would rather not have to do that for every domain I configure in hestia obviously, could someone help me see what I am doing wrong here?

For reference my hestia-cp is a VM behind a reverse-proxy (I use Nginx Proxy Manager) so it does not have a public ip assigned to it.

Thank you for any help you can provide.

Lupu · January 8, 2021, 8:58pm

If you are using the Bind9 dns feature in Hestia you can setup systemd local resolver to use it.

Check /etc/systemd/resolved.conf

amsiato · January 10, 2021, 3:25pm

Thank you, I will look into this! Any insight regarding the connection refused with curl on localhost?

eris · January 10, 2021, 4:29pm

Domain are bind to the ip assigned in the system. So localhost will not response with website data.

amsiato · January 10, 2021, 6:55pm

Oh I see, thank you! One last question, my HestiaCP being behind a reverse proxy, I can’t generate letsencrypt certs, I looked into the issue and it seems this is due to the method of verification which won’t work behind a proxy changing to http webroot verification can work though, is it possible to change that in Hestia without breaking everything?

eris · January 10, 2021, 7:06pm

Cloudflare?

Probally disable it or change to ssl to “Flexible”

amsiato · January 10, 2021, 8:28pm

No cloudflare, everything is hosted on my home server and it is two proxmox VMs, one for a nginx reverse proxy which allows me to forward requests based on domain names to the other VMs on the network behind it, so hestiaco is in another VM which the reverse proxy connects to locally over https and I would like to be able to use a letsencrypt cert between these two VMs as I am for now only using a self signed cert generated in hestia and a letsencrypt cert on the nginx proxy so everything is secure but I would like to avoid using self signed certs for local connections between VMs altogether if possible, not sure if that is the right way to go?

eris · January 10, 2021, 8:48pm

Probally self signed is the best way then. As long the facing server has an certificate it doesn’t really matter…