How do I resolve the ERR_CONNECTION_REFUSED error on cPanel?

Procédure

Why do I get the ERR_CONNECTION_REFUSED error?

The "ERR_CONNECTION_REFUSED" connection error is a generic error message indicating that your web browser's connection to the website has been refused. There could be several reasons for this, such as a connection problem, blocking by a firewall, etc. This documentation will help you diagnose the problem and provide a solution.

Check that your IP address has not been blocked by the server's firewall

One of the most common reasons for blocking is that your device's public IP address has been blocked by the cPanel server's firewall. To check this, first recover the public IP address of your device by visiting our dedicated tool: https://monip.lws.fr :

Then, from another device connected to another Internet connection, check that your IP address is not being blocked by the server.

It is very important to use another internet connection to check, as the same internet connection will most likely share the same public IP address across all your connected devices ( NAT principle).

If your IP address is regularly blocked by a cPanel server's firewall, this could mean that one or more devices on your network is carrying out malicious actions such as bruteforces attacks, DDoS or too many unsuccessful connection attempts to the server. Among the events that can trigger a firewall block:

• Too many email connections (IMAP, POP, and/or SMTP) with the wrong user and/or password
• Too many HTTP connections blocked by the ModSecurity firewall
• Too many emails sent via SMTP
• Too many simultaneous connections to any service
• Port scanning
• Too many cPanel and/or WHM (CloudCP only) connections with the wrong user and/or password

You may wish to contact support to have a technician check the server log files to see why your IP address is being blocked.

My IP address is not blocked on cPanel

If the"Firewall" tool on your cPanel interface does not detect any IP address blocking, the blocking could be at the level of another firewall between your web browser and the cPanel server: your PC's firewall/antivirus, your router's firewall, your ISP's firewall, the firewall upstream from the datacenter hosting the cPanel server, the firewall securing the link between your ISP and one of the LWS network providers, or a firewall upstream from the LWS network.

As a first step, you can deactivate the antivirus and/or firewall on your computer to see if the problem is not coming from this side. In particular, we have found that some home/small business security solutions (antivirus/firewall) are aggressive enough to block, for example, HTTPS traffic on port 2083, the port you need to use to connect to the cPanel interface.

If this is indeed the case, we then invite you to reactivate your antivirus/firewall security solution and add the blocked URL to the exception list (white list).

Identify the blocking point

If, however, the blocking is neither on your side nor on the side of the cPanel server, it will be necessary to identify the blocking pointe; To be able to identify the blocking point, it will be necessary to trace the route of your network traffic.

Traceroute on Windows

Unfortunately, the Windows tracert tool cannot simulate genuine traffic such as TCP traffic. This tool can only trace the path of an ICMP request. ICMP traffic is heavily filtered on the LWS network because it can be used to carry out DDoS attacks. The result of the Windows tracert tool could therefore be distorted.

For more information, download the nmap tool, which has a more powerful traceroute tool. Once downloaded and installed, open your command prompt (or PowerShell) and run the following command:

nmap --traceroute -p T:443 votresite.com

Traceroute on Linux/Mac

To perform a traceroute under Linux or Mac, open your terminal and run the following command:

traceroute -T -p 443 votresite.com

The elements to adjust in the command (Windows, Linux and Mac)

Obviously, replace "yourwebsite.com" with the domain name that cannot be accessed (your website or the server host name, if you are unable to access a particular service such as the cPanel interface or webmail). Replace port "443" with the port you are having problems with:

• 80 to check HTTP access only
• 443 to check HTTPS access only
• 2083 to check HTTPS access on the cPanel interface only
• 2087 to check HTTPS access on WHM interface only (CloudCP only)
• 2096 to check HTTPS access on the webmail interface only
• 110, 143, 993 or 995 to check IMAP/POP email reception, depending on what is configured in your email software
• 25, 465 or 587 to check SMTP email sending, depending on the configuration of your email software

Identification of the IP address

Once the traceroute has been completed, you will see the IP address of the last router/server that your computer was able to contact. A successful network connection will show the IP address of your cPanel server, whereas an interrupted network connection will show timeouts and the last IP address shown on the list could potentially be the router/server that caused the block (or the router/server that followed). If you recognise the IP address and have access to this router/server, check your routing and/or firewall settings on it. This may include network configuration by your local network administrator.

If the IP address detected is the IP address of a router/server belonging to your Internet Service Provider, then the block is at their level and you will need to contact them to unblock it;

If the IP address is part of the LWS network or one of LWS's network providers, you will need to contact LWS support so that we can view the details of the problem on the router/server and proceed with the unblocking.

In all cases, you can send the result of the traceroute or nmap command to our support technicians if you would like help identifying the blocking point.