www.freertos.org connection refused

losolkowski wrote on Friday, June 19, 2015:

I work for Baxter Healthcare Corporation as an embedded software engineer. We are evaluating freeRTOS for use in one of our products. My problem is that when we try to access the freeRTOS website at www.freertos.org using any browser from within the Baxter network, we get a Connection Refused response. This appears to be coming directly from the freertos.org webserver, and is making it impossible to view online documentation, etc. Any suggestions?

rtel wrote on Friday, June 19, 2015:

Curious. I just checked and the website is live.

Is this a problem that has persisted over some hours/days?
Which country are you trying to connect from?
Do you know the IP address of your network on the internet (so I can check for it in the server logs). You can get your external IP address by visiting https://www.whatismyip.com/

Regards.

losolkowski wrote on Friday, June 19, 2015:

The problem has persisted for over a week. I’m connecting from the USA. According to whatismyip, my IP address is: 167.83.210.27. Thanks.

rtel wrote on Friday, June 19, 2015:

This is quite concerning as if you are having an issue, then maybe
others are too. Unfortunately I don’t know what the cause of the issue is.

I can see a couple of hits from your IP address, but they appear to have
come from the shop.freertos.org domain - which is hosted elsewhere
(probably in the US). The shop site uses an SSL certificate though,
where as the main FreeRTOS.org site is does not. Is it possible you can
only view https sites, rather than plain http sites?

You could try a sub page, such as http://www.freertos.org/RTOS.html in
case there is something weird about the main page.

Are you able to access the website from outside of your office (maybe
from home, or over a cellular network)?

If you are able to give me the response code received (like 404 for page
not found) then I could try contacting the hosting company who may be
able to shed more light on it.

In the mean time can you contact me directly using the contact form on
http://www.freertos.org/contact - just mark your email for attention of
Richard. Thanks.

Regards.

losolkowski wrote on Friday, June 19, 2015:

Richard,

Thanks for the quick response. We can access the shop.freertos.org pages with no problem; it’s only the pages off of the main site that are inaccessible. Sub-pages also do not work. The browser displays a “Connection refused” message, and nothing else. I can access the website with no problems from home, and even from home using my work laptop as long as I’m not connected to our VPN. Several other people at this location and other Baxter locations have the same problem, so it’s not just me. I can access plenty of non-SSL sites from work, so that seems unlikely to be the problem. I can’t access the http://www.freertos.org/contact page either!

rtel wrote on Friday, June 19, 2015:

Ah, yes, figures. In which case write to me on r dot barry at
freertos dot org.

I presume you have asked your IT support guys if they know of a reason?
I’m guessing its because it is trying an https connection by default,
and not an http connection.

Regards.

losolkowski wrote on Wednesday, July 01, 2015:

This is the latest response from our corporate IT support:
“The reason this site is Connection Refused is because the IP Address (where the site is being hosted from) has been linked to malware. The security team will provide additional information. The blocking of this site is not to directly affect your job role but to security the Enterprise. If malware is no longer being seen at the site (and/or corrected by the vendor), then this site may at some point become unblocked.”

I’m not sure how to proceed. Are you aware of any issues with your hosting service? I’ll try to get a more detailed response from our IT security team regarding their expectations and requirements to resolve this issue.

rtel wrote on Wednesday, July 01, 2015:

Umm. No idea I’m afraid, but it sounds like your security guys are
going to provide further information, so hopefully they will tell us. I
will be interested to know myself, but suspect this is just a ‘false
positive’.

Our web site definitely doesn’t contain malware, and your security team
can verify that extremely easily by visiting the site and viewing its
source code. Its hand coded plain text html barring a few javascripts
to implement the sliding things, tree menu on the left, and allow people
to sign up to the newsletter. The JaveScript itself is also plain text
and easily readable. [In case its not obvious from the website, we are
not very proficient in web design or programming, so everything is very
basic indeed so it will be easy for them to verify.]

The site is however on a shared server, and I have no idea what other
websites on the same server are doing, or even if other websites on the
same server will have the same IP address - as long as you keep to the
freertos.org domain you won’t see any other sites though.

Regards.

losolkowski wrote on Wednesday, July 01, 2015:

I’ve received further communication from our IT security team. The first response contained this:

“The issue with the blocking doesn’t pertain directly to the website, but where the web site decided to buy and park its domain. The domain resolves to IP 195.8.66.1, but so do 13,000+ other sites.
This hosting provider, while I am sure it hosts cheap legitimate sites, also hosts a mass amount of known malware exchange and CnC sites.”

After some back and forth, they decided that our need to access your site was legitimate, and that they would unblock access to the IP address and deal with blocking access to other sites on that IP separately. So it looks like the problem will be resolved on our end, but I’d suggest that you might want to reconsider your hosting, at least to the extent of getting your own IP address for your domain instead of a shared one.

Thanks for all of your help - really appreciated!

rtel wrote on Wednesday, July 01, 2015:

Pleased it worked out in the end.