root@server:~# curl -iv -m 10 https://cs.appsmith.com
Trying 3.17.92.160:443...
TCP_NODELAY set
Connected to cs.appsmith.com (3.17.92.160) port 443 (#0)
ALPN, offering h2
ALPN, offering http/1.1
successfully set certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
TLSv1.3 (OUT), TLS handshake, Client hello (1):
TLSv1.3 (IN), TLS handshake, Server hello (2):
TLSv1.2 (IN), TLS handshake, Certificate (11):
TLSv1.2 (IN), TLS handshake, Server key exchange (12):
TLSv1.2 (IN), TLS handshake, Server finished (14):
TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
TLSv1.2 (OUT), TLS handshake, Finished (20):
TLSv1.2 (IN), TLS handshake, Finished (20):
SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
ALPN, server did not agree to a protocol
Server certificate:
subject: CN=*.appsmith.com
start date: Nov 4 00:00:00 2024 GMT
expire date: Dec 3 23:59:59 2025 GMT
subjectAltName: host "cs.appsmith.com" matched cert's "*.appsmith.com"
issuer: C=US; O=Amazon; CN=Amazon RSA 2048 M03
SSL certificate verify ok.
GET / HTTP/1.1
Host: cs.appsmith.com
User-Agent: curl/7.68.0
Accept: /
Mark bundle as not supporting multiuse
< HTTP/1.1 401 Unauthorized
HTTP/1.1 401 Unauthorized
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; worker-src 'self' blob:; connect-src * 'self' blob: raw.githubusercontent.com .intercom.io wss://.intercom.io *.algolianet.com *.algolia.net api.segment.io *.sentry.io *.hotjar.com maps.googleapis.com fonts.googleapis.com www.gstatic.com fonts.gstatic.com appcdn.appsmith.com; img-src * data: blob:; media-src * data: blob:; style-src * 'self' 'unsafe-inline'; font-src * 'self' data:; frame-ancestors *; frame-src * data: blob:
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; worker-src 'self' blob:; connect-src * 'self' blob: raw.githubusercontent.com .intercom.io wss://.intercom.io *.algolianet.com *.algolia.net api.segment.io *.sentry.io *.hotjar.com maps.googleapis.com fonts.googleapis.com www.gstatic.com fonts.gstatic.com appcdn.appsmith.com; img-src * data: blob:; media-src * data: blob:; style-src * 'self' 'unsafe-inline'; font-src * 'self' data:; frame-ancestors *; frame-src * data: blob:
< Date: Thu, 20 Feb 2025 16:32:07 GMT
Date: Thu, 20 Feb 2025 16:32:07 GMT
< Expires: 0
Expires: 0
< Pragma: no-cache
Pragma: no-cache
< Referrer-Policy: no-referrer
Referrer-Policy: no-referrer
< Strict-Transport-Security: max-age=31536000; includeSubDomains
Strict-Transport-Security: max-age=31536000; includeSubDomains
< X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
< X-Frame-Options: DENY
X-Frame-Options: DENY
< X-XSS-Protection: 0
X-XSS-Protection: 0
< Content-Length: 0
Content-Length: 0
< Connection: keep-alive
Connection: keep-alive
<
Connection #0 to host cs.appsmith.com left intact
It seems like all Docker containers are having this issue:
我关闭了Plesk防火墙,突然Appsmith能够建立外部连接
很长一段时间以来,我还没有触摸防火墙或服务器。 我不想让我的防火墙关闭。我希望能够打开防火墙并使Docker建立外部连接
我不确定在防火墙中查看可能导致问题的原因...没有任何规则改变了 其他问题是,当我关闭防火墙时,尽管Appsmith有效并且可以访问外部网络,但仍然有一些阻止其访问本地DB以完成查询并提取信息的东西。
我必须将Docker降级到27.5.1以解决问题:
https://forums.docker.com/t/docker-28-no-unston-network-on-ubuntu-22-with-plessk/146772/7