Getting Apache error "Failed to resolve server name for 'cloudflare ip'"

Hello everyone.

I’ve deployed a NodeJS app in CentOS 7 with Apache as reverse proxy and it is currently accessible by the serverIP and its port. But sadly I can’t reach it with domain.

The domain is from GoDaddy where I put the nameservers of CF and here in CF, I put the server ip for the A record. So now after configuring Apache web server, I checked its status and there’s an error which goes something like this:

[core:error] [pid 17169] (EAI 2)Name or service not known: AH00549: Failed to resolve server name for 104.xx.41.204 (check DNS) -- or specify an explicit ServerName

and which is the CF ip. But the issue is if I resolve my domain’s dns, I can see the same IP.

So why is it saying that it can’t resolve the server name? What am I doing wrong here?

Here’s how Apache config looks like:

<VirtualHost example.com:80>
        RewriteEngine on
        RewriteCond %{SERVER_PORT} ^80$
        RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
</VirtualHost>

<VirtualHost *:443>
        Header always set Strict-Transport-Security "max-age=31536000"

        ServerName example.com

        SetOutputFilter DEFLATE
        SetEnvIfNoCase Request_URI "\.(?:gif|jpe?g|png)$"no-gzip
        AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript

        ExpiresActive On
        ProxyRequests off
        RequestHeader add original-protocol-ssl 1
        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>
        <Location />
                ProxyPass http://xxx.138.xxx.xxx:3000/
                ProxyPassReverse http://xxx.138.xxx.xxx:3000/
                ProxyPreserveHost On
        </Location>
        # SSLCertificateFile /etc/letsencrypt/live/xxx.example.com/cert.pem
        # SSLCertificateKeyFile /etc/letsencrypt/live/xxx.example.com/privkey.pem
        # Include /etc/letsencrypt/options-ssl-apache.conf
        # SSLCertificateChainFile /etc/letsencrypt/live/xxx.example.com/chain.pem
</VirtualHost>

Here’s the CF dns:

Apache is looking for the fully-qualified domain name of your server and can’t determine it from the IP address (no reverse DNS?).

Specify the name using the ServerName directive in every VirtualHost block, and at the top level of the config using the server’s actual name. In your example you don’t have it in the :80 block.

1 Like

Hi sorry for the late reply. My OS crashed.

So I added “ServerName example.com” in the first VirtualHost block. Or did you mean I should add my hostname in Vhost as “<VirtualHost hostname:80” ? But now I’m not getting that httpd error anymore or may be I am but it’s not shown in httpd status.

Also, my server name is the domain right? My server’s hostname is different and its another domain. So in Vhost I’m using the domain where I’m deploying my app to.

This is how the first vhost looks like:

VirtualHost example.com:80>
        ServerName example.com

        RewriteEngine on
        RewriteCond %{SERVER_PORT} ^80$
        RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
</VirtualHost>

You got it right. In the VirtualHost your ServerName is your domain that you want the site available on. If you want it also to answer to www.example.com then add a ServerAlias with that name as well. You don’t need to also put the server name in the actual <VirtualHost foo:80> part; just <VirtualHost *:80> is fine nowadays.

At the top level of the config you can and probably should set ServerName to the actual, physical name of the server. If you continue to get an error referencing ServerName then that is what you should do, but if you’re not answering any requests for that name then it may never cause a problem.

Hey I didn’t understand the last part about the top level of the config. Can you provide an example? Let’s assume my domain is example.com and server hostname is server1.boomboom.com

Normally, you would specify a ServerName directive outside any virtual host blocks using the server’s actual name. Just ServerName server1.boomboom.com. But if you’re not getting any errors any more you probably don’t need to.

I understood what you’re saying but I’m not too experienced to implement it. I contacted my hosting provider and they did something and now I’m no longer getting that error in httpd logs. Also, previously when I visited the domain, I was seeing ‘Forbidden’ message. But now it turned to ‘Apache is functioning normally’ but dont see my app.

They told me to edit this file: /usr/local/directadmin/data/users/<username>/httpd.conf.

And this is how the file looks like now after reverse proxying to my NodeJS app:

# Auto generated apache config file by DirectAdmin version 1.641
# Modifying this file is not recommended as any changes you make will be
# overwritten when the user makes any changes to their website

# For global config changes that affect all Users, see this guide:
# http://help.directadmin.com/item.php?id=2
# For local config changes that only affect one User, see this guide:
# http://help.directadmin.com/item.php?id=3


<Directory "/home/<username>/public_html">
        <IfModule mod_fcgid.c>
                SuexecUserGroup <username> <username>
        </IfModule>
                php_admin_flag engine ON
                php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f [email protected]'
                php_admin_value mail.log /home/<username>/.php/php-mail.log
                php_admin_value open_basedir /home/<username>/:/tmp:/var/tmp:/opt/alt/php74/usr/share/pear/:/dev/urandom:/usr/local/lib/php/:/usr/local/$
</Directory>
<VirtualHost example.com:80>
RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
</VirtualHost>

<VirtualHost *:443>
Header always set Strict-Transport-Security "max-age=31536000"

    ServerName example.com

    SetOutputFilter DEFLATE
    SetEnvIfNoCase Request_URI "\.(?:gif|jpe?g|png)$"no-gzip
    AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript

    ExpiresActive On
    ProxyRequests off
    RequestHeader add original-protocol-ssl 1
    <Proxy *>
            Order deny,allow
            Allow from all
    </Proxy>
    <Location />
            ProxyPass http://xxx.138.xxx.xxx:3000/
            ProxyPassReverse http://xxx.138.xxx.xxx:3000/
            ProxyPreserveHost On
    </Location>
    # SSLCertificateFile /etc/letsencrypt/live/xxx.example.com/cert.pem
    # SSLCertificateKeyFile /etc/letsencrypt/live/xxx.example.com/privkey.pem
    # Include /etc/letsencrypt/options-ssl-apache.conf
    # SSLCertificateChainFile /etc/letsencrypt/live/xxx.example.com/chain.pem
</VirtualHost>

Do you know why I’m getting ‘Apache is functioning normally’ instead of my Nodejs app that is running in port 3000?

Well, the ServerName directive is gone from your :80 virtual host block again.

Does it work if you type in the https:// part in your browser?

Also to let you know, ‘Apache is functioning normally’ is coming from a file which is in /var/www/html. This file is mentioned in /etc/httpd/conf/httpd.conf file as DocumentRoot /var/www/html. Now I am even more confused.

Yes the website is being served over https. I think I’m getting a free SSL from my host.

Although I am now 100% sure that there is no Cloudflare/DNS issue here. But still help me with this. I’m struggling for a week now.

If you don’t have a ServerName directive in the :80 VirtualHost block, it will never be used. You had added it before, and now it’s gone again.

Just added ServerName example.com. Still the same.

The ‘Network’ tab shows a status code of 304. Does this mean anything to you?

Status 304 means your browser has the page cached and did not load it again from the server because the server indicated that nothing has changed.

The problem with trying to help here is that you are using some kind of managed hosting that is generating Apache configs, and there’s not much anyone other than your hosting provider can do to tell what’s going on beyond guessing. The comments in the config you included indicate that the file shouldn’t even be edited because changes will be lost, so they are doing some kind of management of the config and we can’t possibly know what all is going on behind the scenes there. I don’t even know if changes you make will be picked up without doing a reload of Apache.

I guess they are using something called Direct Admin? You probably need to go to your hosting provider for detailed help here.

Yeah exactly what I was thinking. I’ll reach out to them or get in touch with DirectAdmin community. Thanks a lot for your help. Means a lot.