Total mystery website access problem

Have you tried scanning your computer for any malware/adware that could be blocking (this is a guess)? And have you tried your browser with no add-ons or extensions?

Also, have you checked the server certificates you have allowed or blocked on your computer and emptied all cache and cookies?

Can you access the control panel of the site? You could contact SiteGround; they may be able to get something from the logs to the server.

Same here. The site loads fine for me using Firefox 80.0.1 and Safari 12.1.2 (macOS Sierra 10.12.6 on a Mid-2011 Mac mini).

Traceroute stops after 20 hops, but that doesn’t necessarily indicate a problem. Many service providers silently drop ICMP packets, which will prevent ping and traceroute from producing useful results.

The fact that two different computers on the same LAN produce different results implies that it is something on that computer. The fact that different browsers on that computer produce the same results indicates that it is not the browser.

My next test would be to create a new user on that computer, log in as that user and see what happens from that account. If it works, then the problem is something configured/running in your account (look for startup items, preferences, background apps, web plugins/add-ons, etc.). If it doesn’t work, then the problem is something configured/running system-wide.

If you are running any kind of firewall/security software, it could be that the provider updated its definitions in a way that broke your site. See if you can temporarily disable it and see if that changes anything. See if it has any status/log information you can look through.

Check your browser’s log. On Firefox, you can right-click on the page and select Inspect Element from the menu to open up the inspector. Then reload the page. Look at the Console and Debugger tabs to see if any useful messages/errors were logged. If you are running an ad blocker, it may also log information to the inspector (Adblock Plus adds a tab to it for the data it logs).

1 Like

@gdewaard I’m afraid doing a traceroute is outside my paygrade. I am tech savvy, but not an IT pro.

I can reach the site using FTP, but interestingly not if I use the hostname given to me by SiteGround, the site host. They state the FTP hostname should be tanamerah.com, but that won’t connect. Instead it tries to connect to 77.104.133.95, wherever that is, and fails. SiteGround told me to use their server address as the hostname: uk1005.siteground.eu. This works.

I have asked SiteGround to look into this. Mind you, this has been the case ever since I moved the site to SiteGround last year, and it’s only in the last 48 hours I haven’t been able to connect through a browser.

@appleget Yes, I ran a malware scan of the entire hard drive overnight. It’s clean.

I am afraid I don’t know much about server certificates, so no, I haven’t checked them. Perhaps I need to gen up on what to do. Looking in Keychain Access it’s certainly not obvious what I should be looking at.

I have emptied Safari’s caches, and cookies relating to the tanamerah.com site. It was one of the first things I did. But then that would only apply to Safari, and I cannot open the site in any browser.

I spoke to SiteGround yesterday before starting this TidBITS thread. They claim there’s nothing amiss on the server and that it has something to do with my device.

@Shamino

One of my first actions was to login with a clean account that I keep for testing. This is a virgin account that I’ve added nothing to. It made no difference.

I wish. But I am not. No firewall, no security. My system is all very simple. We work from home, just my wife and I. I’ve never felt threatened by hackers and have never felt the need to take special steps against them, over and above what is built in to the Apple universe.

My website (actually, my wife’s) is different. Since getting hacked last year I learned that that needs all sorts of security. We run a plugin called WordFence.

I haven’t yet done this, but will. I’ll report back.

Thanks to everyone for their comments and suggestions. I hope and pray that sooner or later we will get to the bottom of the issue.

Best
Kevan

Maybe a long shot, but is WordFence locking you out? I’ve had a few incidents of that happening to a couple of WordPress sites I maintain, where there is a setting in WordFence that blocks by IP address, and especially after doing a lot of updates and changes, I get locked out by WordFence.

I have a setting that blocks for 2 hours, and then I can get back in. It hasn’t happened to me often enough to go deeper to discover what I did to trigger the lockout.

If you can login via your neighbor’s internet, perhaps you can look at the WordFence settings.

1 Like

Could very well be it. WordFence is not very clear about the exact methods used to block traffic and identify ‘attackers’, so you could be blocked by your MAC address. Look at the info/logs that WordFence created on your site.

OTOH, WordFence claims you get an email when certain activity is noted. Did you receive such an email?

1 Like

It’s actually very simple. All Unix-based computers (including macOS) include it as a command-line tool. Just type traceroute followed by the destination.

It works by sending out ICMP echo packets (the same ones used by the ping command) with the TTL (time-to-live) parameter increasing from 1 up to some maximum (64 by default). It looks at where the TTL-expired errors come from in order to present a (hopefully accurate) description of the path your packets take from yourself through all the intermediate routers to the destination server. It also records the time elapsed between sending the packet and getting a response in order to estimate performance. Here’s what I get when I do a Traceroute to TidBITS:

$ traceroute www.tidbits.com
traceroute: Warning: www.tidbits.com has multiple addresses; using 172.67.213.57
traceroute to www.tidbits.com (172.67.213.57), 64 hops max, 52 byte packets
 1  gatewayrouter (192.168.1.1)  0.853 ms  0.397 ms  0.287 ms
 2  96.120.81.1 (96.120.81.1)  253.598 ms  54.410 ms  232.611 ms
 3  68.86.200.41 (68.86.200.41)  73.549 ms  76.754 ms  61.230 ms
 4  162.151.58.101 (162.151.58.101)  152.775 ms  27.374 ms  30.658 ms
 5  96.108.106.85 (96.108.106.85)  21.496 ms  186.060 ms  21.982 ms
 6  69.252.19.10 (69.252.19.10)  15.744 ms  43.094 ms  183.883 ms
 7  172.67.213.57 (172.67.213.57)  70.968 ms  117.984 ms  184.873 ms

Traceroute also attempts to do a reverse-DNS lookup in order to present the names of each router, but in this case, it appears that the information was only available for my home router (gatewayrouter), so all we got were IP addresses.

In this particular case, it provided a route to 172.67.213.57, which is a Cloudflare server, probably used by TidBITS to provide resiliency, scalability, DDoS protection and other related services.

2 Likes

OK, understood. Thanks for the explanation. Here’s what I’ve got:

traceroute to tanamerah.com (77.104.133.95), 64 hops max, 52 byte packets
 1  192.168.1.254 (192.168.1.254)  2.658 ms  0.896 ms  0.946 ms
 2  * * *
 3  * * *
 4  31.55.185.176 (31.55.185.176)  6.773 ms
    31.55.185.188 (31.55.185.188)  7.874 ms
    31.55.185.176 (31.55.185.176)  5.839 ms
 5  core1-hu0-8-0-5.colindale.ukcore.bt.net (195.99.127.146)  5.302 ms
    213.121.192.138 (213.121.192.138)  5.678 ms
    core1-hu0-15-0-8.colindale.ukcore.bt.net (213.121.192.12)  5.760 ms
 6  peer7-et-0-0-1.telehouse.ukcore.bt.net (62.172.103.158)  18.491 ms
    peer7-et-0-1-6.telehouse.ukcore.bt.net (109.159.252.166)  9.277 ms
    peer7-et-4-1-1.telehouse.ukcore.bt.net (194.72.16.134)  6.129 ms
 7  166-49-214-194.gia.bt.net (166.49.214.194)  6.131 ms  6.444 ms  6.319 ms
 8  bbr02.lon01.networklayer.com (195.66.237.183)  6.142 ms  5.985 ms  6.158 ms
 9  ae5.cbs01.tg01.lon01.networklayer.com (169.45.18.12)  6.660 ms  6.868 ms
    ae5.cbs02.tg01.lon01.networklayer.com (169.45.18.16)  6.652 ms
10  bf.13.2da9.ip4.static.sl-reverse.com (169.45.19.191)  7.210 ms
    c3.13.2da9.ip4.static.sl-reverse.com (169.45.19.195)  7.761 ms
    bf.13.2da9.ip4.static.sl-reverse.com (169.45.19.191)  7.412 ms
11  75.76.32a9.ip4.static.sl-reverse.com (169.50.118.117)  8.261 ms  8.059 ms
    77.76.32a9.ip4.static.sl-reverse.com (169.50.118.119)  8.643 ms

Not sure what to make of it though!

So I tried this in Firefox. When I entered the website address in question and hit return, Console, Debugger, and Inspector remained completely blank. So not much help I’m afraid.

Thanks

Is that all the output? Or were there lots of rows with nothing but stars (like rows 2 and 3 of your output)? I ask because the tanamerah.com IP address (77.104.133.95) doesn’t appear at the end of the trace - meaning you never got a response from it.

That would be the same as what @gdewaard and I saw. But as I wrote, it is not necessarily indicative of a problem because the server (or some router in between) might simply be configured to drop the ICMP packets used to perform the trace.

That’s a bit strange. The Console tab should show all kinds of information. But you need to reload the page while the inspector is open - it doesn’t log anything when the inspector panel is closed/hidden.

I would expect the Inspector tab to be blank if nothing loaded (since it is used to analyze the loaded web page), but the Console should show the attempted HTTP requests, which ones succeeded and failed, and why they failed. On the top-right corner of the Console pane, there are buttons to filter the contents (Errors, Warnings, Logs, Info, Debug, CSS, XHR, Requests). Make sure they’re all turned on.

Here’s some documentation about the Firefox Web Console window:

https://developer.mozilla.org/en-US/docs/Tools/Web_Console

And the similar Browser Console window:

https://developer.mozilla.org/en-US/docs/Tools/Browser_Console

1 Like

From here in the US I’m seeing a different address for tanamerah.com:

35.214.121.54
(which is a googleusercontent.com server)

That is, not 77.104.133.95 as you are
(That’s a siteground.com Wordpress server)

So we’re not looking at the same thing.

I’m guessing if you entered
nslookup tanamerah.com
in terminal, you might get different addresses back from working and non-working machines?

Another thought, are any browsers giving a “Too many redirects” error? (Safari won’t) This might be helpful if so:
How to Fix ERR_TOO_MANY_REDIRECTS on Your WordPress Site

Which ends up suggesting you put your domain name into:
SSL Server Test (Powered by Qualys SSL Labs)
and see if it spots any SSL errors

(One thing I did note - the SSL certificate at the googleusercontent server was just renewed on Sunday Sept 6th. Does that correspond with any start of your problems?)

1 Like

Good catch! I didn’t even think about that.

I’m seeing the same address @schwartz is seeing:

$ host tanamerah.com 
tanamerah.com has address 35.214.121.54
tanamerah.com mail is handled by 10 mx10.mailspamprotection.com.
tanamerah.com mail is handled by 20 mx20.mailspamprotection.com.
tanamerah.com mail is handled by 30 mx30.mailspamprotection.com. 

If I use dig (a tool for debugging DNS) on tanamerah.com, I first find that the top-level domain servers indicate two name servers (ns1.uk1005.siteground.eu and ns2.uk1005.siteground.eu):

$ dig @a.gtld-servers.net tanamerah.com ANY

; <<>> DiG 9.8.3-P1 <<>> @a.gtld-servers.net tanamerah.com ANY
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37489
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;tanamerah.com.			IN	ANY

;; AUTHORITY SECTION:
tanamerah.com.		172800	IN	NS	ns1.uk1005.siteground.eu.
tanamerah.com.		172800	IN	NS	ns2.uk1005.siteground.eu.

;; Query time: 1197 msec
;; SERVER: 2001:503:a83e::2:30#53(2001:503:a83e::2:30)
;; WHEN: Wed Sep  9 18:02:38 2020
;; MSG SIZE  rcvd: 87

All 13 top-level-domain servers (correctly) return the same NS record for your domain, so there’s no corruption there.

If I then ask the siteground.eu name servers, I get:

$ dig @ns1.uk1005.siteground.eu tanamerah.com ANY

; <<>> DiG 9.8.3-P1 <<>> @ns1.uk1005.siteground.eu tanamerah.com ANY
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29517
;; flags: qr aa rd; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;tanamerah.com.			IN	ANY

;; ANSWER SECTION:
tanamerah.com.		86400	IN	MX	30 mx30.mailspamprotection.com.
tanamerah.com.		86400	IN	MX	10 mx10.mailspamprotection.com.
tanamerah.com.		86400	IN	MX	20 mx20.mailspamprotection.com.
tanamerah.com.		14400	IN	TXT	"v=spf1 +a +mx +ip4:35.214.40.92 +include:_spf.mailspamprotection.com ~all"
tanamerah.com.		86400	IN	A	35.214.121.54
tanamerah.com.		14400	IN	SOA	ns1.uk1005.siteground.eu. root.uk1005.siteground.eu. 100005 86400 7200 3600000 86400
tanamerah.com.		86400	IN	NS	ns2.uk1005.siteground.eu.
tanamerah.com.		86400	IN	NS	ns1.uk1005.siteground.eu.

;; Query time: 150 msec
;; SERVER: 35.214.40.92#53(35.214.40.92)
;; WHEN: Wed Sep  9 18:05:20 2020
;; MSG SIZE  rcvd: 312

The ns1 and ns2 name servers return the same results, so there’s no corruption there.

The important part here is the A record, which is the IP address returned (35.214.121.54). Since there are no other addresses (A, AAAA or CNAME records), nobody should be seeing any other IP address.

If your Mac is producing a different IP address, then your DNS configuration may be messed up. This could be the result of an ad blocker, malware, a proxy server, an ISP’s DNS server with corrupt/expired data or something else, but that’s clearly where you need to investigate.

At this point, I’m willing to bet that your other computer (which doesn’t have any problems) is getting the correct IP address.

1 Like

Checked the WordFence settings (I can log in on one of my spare Macs). There were no IP blocks set up, and nothing I could see that might be blocking me from accessing the site. I disabled the WordFence plugin anyway, just in case, then tried to access the site from the problem Mac. Still no joy.

Time for bed. Tomorrow is another day. Thanks for everyone’s suggestions.

Kevan

1 Like

Forgot to say: no, I’ve received no warning emails from WordFence—apart from the one when I logged into my admin account just now to turn WordFence off.

Sorry I missed the original mention of other computers in household.

Catching up on this convo, something to check on the “nonworking Mac” and compare to the other working Macs in the house is to look up whether they are using the same IP. In Terminal, type

nslookup tanamerah.com.

I’m seeing the same google content server (35.214.121.54). I’m wondering if the computers that are working are going to that, and the one that isn’t is going to 77.104.133.95. If we can confirm that’s the difference between working/not working, it’s a step in the right direction.

2 Likes

Looking at the Siteground site they provide tools to create a website, and tools to move a website to a production environment.
77.104.133.95 is Siteground’s development server, 35.214.121.54 is the IP of your production server.

It looks like your 15" macbook is stuck with the IP for the development machine.
In the network prefs make a new location, and fill that with the working values from one of the working machines. Make it active and reboot. See if that solves the problem.
If not, see if there is an entry in the hosts file
/etc/hosts
that overrides your DNS-queries.

4 Likes

@Shamino @schwartz @angusC @gdewaard

Thanks so much for all your valuable input. I clearly have a deal of investigation regarding IP addresses and DNSs, and why it is that my 15" MacBook is apparently using a different routing to all my other devices.

It’s going to be a while before I get the chance to do this. On top of this problem we are in the process of selling our house and buying another. But I will pursue the issue—I have no choice!—and will report back in a day or two.

Thanks again to all
Kevan

1 Like

Here is how you check your /etc/hosts

Paste cat /etc/hosts into the Terminal window.

You should see something like this:
macpro:~ paalb$ cat /etc/hosts
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost

4 Likes

If something is poisoning your DNS cache after reboot, it might help to clean the cache temporarily. Quit Safari.
Paste this into your Terminal window: sudo killall -HUP mDNSResponder
Then enter your password + return (you will get no feedback). Try your website in Safari.

2 Likes

@Shamino @schwartz @angusC @gdewaard @paalb

Thanks again to all of you. I am delighted to report a resolution.

That was it.

There was one line at the bottom of the hosts file:
77.104.133.95 tanamerah.com www. tanamerah.com

It was sending my instruction to open tanamerah.com to 77.104.133.95, instead of 35.214.121.54, where it should have been going. As soon as I edited the hosts file to remove that line the issue was resolved.

How that file had a line of code added is worrying. How could any outside agent change a file within my system file structure? I certainly didn’t. I didn’t know that this ‘hosts’ file existed until this afternoon. And nobody has had physical access to my computer since I had the battery replaced under warranty back in March. I’m delighted to have found the solution to my problem—but I’m no closer to understanding how the problem arose.

Sincere thanks again to everyone who has shared their knowledge and contributed their thoughts and their time to resolving what will always remain a weird issue.

Cheers
Kevan Pegley

5 Likes
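
The check that closed this thread, written as a reusable script (an added example, not part of any post above): it lists hosts-file entries beyond the stock ones and compares any address pinned for a name with the A record returned by the authoritative name server. The function names and the sample hosts file are constructed for illustration; on a real Mac the file to pass is /etc/hosts.

```shell
#!/bin/sh
# hosts_overrides FILE NAME: print "IP<TAB>LINE" for each entry pinning NAME.
hosts_overrides() {
    awk -v name="$2" '
        BEGIN { name = tolower(name) }
        {
            sub(/#.*/, "")                      # ignore comments
            for (i = 2; i <= NF; i++)
                if (tolower($i) == name) { printf "%s\t%d\n", $1, NR; break }
        }' "$1"
}

# hosts_nondefault FILE: print "LINE: entry" for entries naming anything
# other than the stock localhost/broadcasthost names.
hosts_nondefault() {
    awk '
        { sub(/#.*/, "") }
        NF >= 2 {
            for (i = 2; i <= NF; i++)
                if ($i != "localhost" && $i != "broadcasthost") { print NR ": " $0; break }
        }' "$1"
}

# check_pin FILE NAME EXPECTED_IP: compare any pinned address with the
# A record obtained from the authoritative name server (e.g. via dig).
# Prints no-override, match, or "mismatch IP" (exit status 1 on mismatch).
check_pin() {
    pinned=$(hosts_overrides "$1" "$2" | cut -f1 | sort -u)
    [ -n "$pinned" ] || { echo "no-override"; return 0; }
    for ip in $pinned; do
        [ "$ip" = "$3" ] || { echo "mismatch $ip"; return 1; }
    done
    echo "match"
}

# write_sample_hosts: create a constructed hosts file and print its path.
write_sample_hosts() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
# Host Database (constructed sample, modelled on the thread)
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
77.104.133.95 tanamerah.com www.tanamerah.com   # constructed stale entry
EOF
    echo "$f"
}

sample=$(write_sample_hosts)
hosts_nondefault "$sample"
check_pin "$sample" tanamerah.com 35.214.121.54 || true
rm -f "$sample"
```

dig, host and nslookup query DNS servers directly and never read the hosts file, so they can report the correct address on a machine whose browsers still follow a pinned entry.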

We may never know at this point, but since that IP address is (according to @gdewaard) a Siteground development server, I’m guessing that at some point in the past (maybe back when you originally set up the site), this entry was added so you could test out changes on that site before pushing them out to the live server and then at some point that server went away (maybe Siteground moved it elsewhere).

But we may never know at this point. Glad to hear it’s all working now.

1 Like