Pre-order the new iPhone 15, iPhone 15 Plus, iPhone 15 Pro & iPhone 15 Pro Max from AT&T Now!
Need help with your equipment?
S

New Member

 • 

4 Messages

Friday, April 23rd, 2021 8:19 PM

AT&T Intentionally blocking inbound HTTP requests to home-hosted webapp.

I have a website that I'm hosting on an old laptop, 2015, and I previously have not had any problems whatsoever when it came to responses from the web server. Now, all of my requests per page take around 40 seconds to complete fulfill. In the network timing analysis of Firefox's inspection section it states that the request status is "blocked" for a certain amount of time.

Literally nothing has changed on the website. The only thing that has changed was I moved houses and now I have a new ISP, AT&T.... ugh... What's weird is that with my fiber connection I constantly get about 500+mpbs upload so I have no idea why the connection takes so long every time I try to load a page of my site.

I looked at my router's NAT firewall logs and it looks like when I try to access the website, my packet's TCP STATE get stuck in TIME_WAIT... I have no idea what that is and why it's doing that. When I curl the webpage I get instant results in my terminal but using the web browser it takes a long time. Also, when I connect both IPs to a VPN it works flawlessly which can only have one remaining factor that's causing the issue... It's AT&T.

https://preview.redd.it/fbb3bqmwbxu61.png?width=548&format=png&auto=webp&s=b308f03297d55ead841c26c8e32ca843d82b1140

New Member

 • 

9 Messages

2 years ago

Good luck buddy.  I am hosting my own on-premise email server.  No problem for 6 months.  Then all of a sudden I start having issues with incoming SMTP connections.  No other hosting issues at all, not a single problem except with incoming SMTP.  I'm now currently having to bring my incoming SMTP connections over a VPN in order to get incoming mail flow to work.  Because I can't get AT&T to even admit there is a problem.

I have analyzed the problem every which way I can.  Ran packet traces, reviewed firewall logs, state tables, etc.  I even had a colleague review everything to make sure I didn't miss something.  We both came to the same conclusion at the end.  On incoming SMTP connection.  When the incoming TCP connection attempts to establish.  A TCP SYN request can be seen coming in.  And a TCP SYN-ACK is sent back to the remote host, but the remote host never receives it.  I can see the packet hit the wire.  But I can't see what happens to it once it hits AT&T's network.  I can only confirm that the remote host never receives it.  And I can confirm that this behavior is only seen on incoming SMTP connections.  I can also confirm that everything works perfectly fine when I bring those incoming SMTP connections over a VPN.

It for this reason that my service is scheduled to be terminated at the end of the current billing cycle.  Maybe you'll have more luck than I did.

Community Support

 • 

220.9K Messages

2 years ago

Hey @Stricklandrbls, we understand that you're having trouble with your connection.

 

  • Have you setup port forwarding for the website service?
  • Have you tried using a remote tester to make sure that port is opened?
  • Are you able to reach the site using your cell phones data?
  • Is there a router behind your AT&T router?
  • Is port 443 open?
  • Have you setup SSL certificates for your website?

Please let us know so we can better assist you.

 

Charles, AT&T Community Specialist

New Member

 • 

4 Messages

2 years ago

  • Have you setup port forwarding for the website service? Yes of course or I wouldn't have been able to test this like I said I did....
  • Have you tried using a remote tester to make sure that port is opened? Yes, I've tested from many different remote sources.
  • Are you able to reach the site using your cell phones data? Yes but the connections are still blocked for 30-60 seconds per request.
  • Is there a router behind your AT&T router? No
  • Is port 443 open? Port 80 for HTTP only
  • Have you setup SSL certificates for your website? No

Community Support

 • 

220.9K Messages

2 years ago

Hey @stricklandrbis.

 

  • Ok, open port 443 as well and point it to the Web server.
  • It sounds like your browser is trying to make a secure connection first which uses port 443.
  • You said when you use curl you are not having any issues.
  • That tells me that the issue is in the browser connection. See if opening port 443 works better.
  • You may need to setup SSL as well for your site
  • Using the default should work but the certificate will not be trusted. So the browser will warn you and you would have to accept it until you create a proper SSL certificate.
Please let us know if that helps.
 
Charles, AT&T Community Specialist
 

New Member

 • 

4 Messages

2 years ago

Ok well I don't quite understand how port 443 being open would help the situation since I have no SSL key exchange attempts happening and when I hosted this site on my other ISP I never had issues but I went ahead and did what you said but with 443 being open, server restarted and using multiple browsers, I'm still waiting ~40 seconds for pages to load.

I've tried multiple browsers on multiple different operating systems and even have had my friends try to access the site. ALl with the same results. I can guarantee it's not an issue with the browser being used.

I do agree with you though about the curl to my API being instantaneous since curl is just another HTTP request and if my router was holding HTTP requests for the time then that would also be slowed down...

Community Support

 • 

220.9K Messages

2 years ago

@stricklandrbis, we are happy to help with your specific networking concerns.

 

AT&T ConnecTech provides solutions for your computer and home network needs.

  • Whether your computer is running slow, not responding, or has completely crashed, AT&T ConnecTech can provide fast, expert help, when you need it.
  • To learn more visit our website or call 866.294.3464.

If you have any additional concerns, please feel free to reach out to us.

Thank you for contacting us on AT&T Community Forums!

 

Lafayette, AT&T Community Specialist

New Member

 • 

4 Messages

2 years ago

So I called that number and they told me they changed some settings in the router and then to restart it. After the restart my router could never get a connection so now I had to take a day off of work to wait for the technician to come out and replace the router...

Not even to mention the fact that I still cannot get a single request to my server to work in a timely, normal, manner.

New Member

 • 

1 Message

9 months ago

I'm having this problem too. I'd switch away from AT&T but my building has set things up so that AT&T is the ONLY provider. I plan on complaining to the FTC for whatever that will do.

Not finding what you're looking for?