Hi, all. So I am losing my mind over here. I recently paid for a domain through Njalla. I can route my email through it without any trouble, but then I thought I might like to self-host a personal website on it. I am using DietPi x86-64 on my homelab, a system on which I successfully host Jellyfin and Navidrome using Tailscale for remote access. I installed WordPress and everything works just fine. The thing is, the moment I switch the site to an external URL, I simply cannot access it. I have added the A Records on Njalla for the domain to point at my server’s public IP. I have opened ports 80 and 443 through UFW on the server, and pointed them to the server’s internal IP through the router. I have tried pointing Certbot at the URL, and it fails, returning the error that it couldn’t fetch a file from /.well-known/acme-challenge (although it does show that the URL is pointing at the correct IP). I have changed my router settings to assign a static internal IP to the server.

I am at a loss. I’m sure it’s something really easy and simple that I’m missing, but I cannot find what it is for the life of me. Thank you in advance for any tips or advice.

  • HelloRoot@lemy.lol
    20 hours ago

    Njalla’s default TTL for DNS records is 3600 seconds (1 hour). If you just created or modified the A record, it can take up to that full hour for the change to propagate across the internet, which would perfectly explain why Certbot is connecting to the right IP but failing to fetch the file (the request might be hitting an old IP or a cached null response).

    Before changing any more configurations, you should verify what the rest of the internet is actually seeing for your domain right now.

    Check the current DNS record

    You can use dig to see exactly what IP your domain is resolving to, and importantly, the remaining TTL on that record.

    From your local machine (or any computer), run:

    dig yourdomain.com +noall +answer
    

    This will output something like:

    yourdomain.com.    3412    IN      A       203.0.113.45
    

    The second column (3412) is the remaining TTL in seconds. If that number is counting down from 3600, the record is still propagating. If the IP address shown there doesn’t match your server’s current public IP, the change hasn’t taken effect yet for that DNS server.

    Check from a different perspective

    To ensure it’s not just your local ISP or router cache serving an old record, query an external public DNS server directly:

    dig yourdomain.com @1.1.1.1 +noall +answer
    dig yourdomain.com @8.8.8.8 +noall +answer
    

    If these external servers show the correct IP but Certbot still fails, the DNS is fine, and the problem is somewhere in your network routing or web server config. If they show a wrong IP or no record at all, you simply need to wait for the TTL to expire.

    • Maerman@lemmy.worldOP
      11 hours ago

      Hi. Thank you so much for this detailed response. I ran the dig commands you suggested, and they all show the correct IP. Njalla allows you to change the TTL, so I set that to 0s when I created the A record. So the problem must be with my routing or my web server, as you said. How can I troubleshoot those?

      • HelloRoot@lemy.lol
        4 hours ago

        Sounds good.

        Hmm, next you probably should confirm ports 80 and 443 are actually reachable from the internet.

        Use an online port checker like https://canyouseeme.org/

        After that you should check your Apache config like somebody else already suggested. I haven’t used Apache in a while but if I remember correctly:

        Ensure it says: Listen 80
        NOT: Listen 127.0.0.1:80

        (and same with 443)

        Also check your VirtualHost — it should look something like:

        <VirtualHost *:80>
            ServerName yourdomain.com
            DocumentRoot /var/www/wordpress
            # ... other settings
        </VirtualHost>
        

        (and same with 443)
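
The two Apache checks from the reply above (a Listen directive bound only to loopback, and a VirtualHost whose ServerName matches the domain) can be scripted over the config files. This is an added example, not part of the thread: the helper name `check_apache_conf` and the sample config are constructed for illustration, and `yourdomain.com` is the thread's own placeholder.

```shell
# Added example, not from the thread. check_apache_conf is a hypothetical helper.
# Usage: check_apache_conf <domain> <config-file>...   (exit status 0 = no findings)
check_apache_conf() {
    _domain=$1; shift
    awk -v domain="$_domain" '
        { sub(/#.*/, ""); d = tolower($1) }            # strip comments, normalise directive
        d == "listen" {                                # Listen [addr:]port [protocol]
            port = $2; sub(/^.*:/, "", port)
            if ($2 ~ /^(127\.|\[::1\])/) loopback[port] = 1
            else                          pub[port] = 1
        }
        d == "<virtualhost" {                          # remember which port this vhost serves
            vport = $2; sub(/>.*/, "", vport); sub(/^.*:/, "", vport)
        }
        d == "</virtualhost>" { vport = "" }
        vport != "" && (d == "servername" || d == "serveralias") {
            for (i = 2; i <= NF; i++)
                if (tolower($i) == tolower(domain)) named[vport] = 1
        }
        END {
            n = split("80 443", want, " ")
            for (i = 1; i <= n; i++) {
                p = want[i]
                if (!(p in pub)) {
                    bad = 1
                    if (p in loopback) print "port " p ": Listen is bound to loopback only"
                    else               print "port " p ": no Listen directive found"
                }
                if (!(p in named) && !("*" in named)) {
                    bad = 1
                    print "port " p ": no VirtualHost with ServerName " domain
                }
            }
            exit bad + 0
        }
    ' "$@"
}

# Constructed sample config: the loopback-only Listen from the reply, vhost on 80 only.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Listen 127.0.0.1:80
Listen 443
<VirtualHost *:80>
    ServerName yourdomain.com
</VirtualHost>
EOF
check_apache_conf yourdomain.com "$sample" || echo "findings above need fixing"
rm -f "$sample"
```

The HTTP-01 challenge that requests /.well-known/acme-challenge/ arrives on port 80, so the port 80 findings are the ones that stop Certbot. On a real server, pass every file Apache loads (the Listen lines and the VirtualHost blocks are often in different files).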