I have a custom wordpress "client" plugin that makes a cURL call to a Node app on an Ubuntu server.
The call works perfectly from every WP installation, except for one where everything worked fine until yesterday then the following cURL call suddenly started to return a
Failed to connect to x.x.x.x port 3344 after 1040 ms: Connection refused.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'http://x.x.x.x/wpdata/get',
CURLOPT_PORT => 3344,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS =>'{
"message" : "Some SHORT post data"
}',
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json'
),
));
if(! $results = curl_exec($curl) ) {
die( curl_error($curl) );
}
The Node app uses Express, it's managed by PM2 and runs without nginx nor Apache, the clients connects directly using IP:PORT calls.
The server that hosts the Node app is an Ubuntu 18 server on a VM with fail2ban 0.10, but all the rules are actually disabled (even disabling fail2ban itself doesn't solve the problem).
Also iptables -L -n doesn't show any rule that could look like a ban for the failing server IP nor the listening port (afterall the same plugin on different client gives correct results).
Both /etc/hosts.deny and /etc/hosts.allow are empty too.
Getting mad after that, do someone knows where could I look to find why that single client gets a Connection Refused response?
