Nginx 没有从远程框外部做出响应

我的网站 (Django/nginx/gunicorn/mysql) 托管在远程机器上，之前一直运行良好，直到我出于某种原因决定重新启动远程机器。因此，重新启动后，在远程机器中，当我说它curl -IL -H -GET my.web.address运行良好时。但是，当我从外部尝试相同的命令时，它会报告curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to my.web.address。

任何帮助都非常感谢。以下是我检查过的相关内容。

我使用的是 CentOS 7 系统。我主要使用本教程

nginx 正在监听正确的端口

tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      3425/nginx: master  
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      3425/nginx: master

防火墙（参见 ufw 结果）允许我的端口

Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp (SSH)               ALLOW IN    Anywhere                  
224.0.0.251 5353/udp (mDNS) ALLOW IN    Anywhere                  
22                         ALLOW IN    Anywhere                  
80                         ALLOW IN    Anywhere                  
443                        ALLOW IN    Anywhere                  
22/tcp (SSH (v6))          ALLOW IN    Anywhere (v6)             
ff02::fb 5353/udp (mDNS)   ALLOW IN    Anywhere (v6)             
22 (v6)                    ALLOW IN    Anywhere (v6)             
80 (v6)                    ALLOW IN    Anywhere (v6)             
443 (v6)                   ALLOW IN    Anywhere (v6)

状态

SELinux status: disabled

输出nmap以检查端口状态

nmap -sT my.ip.address

PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
111/tcp  open  rpcbind
443/tcp  open  https
3306/tcp open  mysql

内容nginx.conf

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

我的服务器块nginx.conf

server {
    server_name my.ip.address my.web.address;
    error_log /srv/www/myweb/logs/error.log;
    access_log /srv/www/myweb/logs/access.log;
    charset utf-8;

    location /static/{
        alias /srv/www/myweb/latestRelease/mywebDB/app/src/static/;
    }

    location /{
        proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://unix:/srv/www/myweb/latestRelease/mywebDB/mywebdb.sock;
    }


    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/my.web.address/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/my.web.address/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = my.ip.address) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = my.web.address) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

      listen 80;
      server_name my.ip.address my.web.address;
    return 404; # managed by Certbot

}

我检查了我的 sock 文件权限，它们由相应的用户正确启动。文件权限设置正确。

gunicorn.service文件内容

[Unit]
Description=gunicorn daemon
After=network.target

[Service]
User=user
Group=nginx
WorkingDirectory=/srv/www/myweb/latestRelease/mywebDB/app/src
ExecStart=/srv/www/myweb/latestRelease/mywebDB/app/bin/gunicorn --workers 3 --bind unix:/srv/www/myweb/latestRelease/mywebDB/mywebdb.sock app.wsgi:application

[Install]
WantedBy=multi-user.target

同时，为了确保我的问题与 Let's 加密服务器证书无关，我对我的nginx.confHTTP 做了一些更改。

curl -IL -GET my.domain.name下面是我在远程机器上运行它时的输出：

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 06 Mar 2020 08:26:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 7918
Connection: keep-alive
X-Frame-Options: SAMEORIGIN

当我使用 IP 地址运行时，我得到与上面相同的输出。

当我从笔记本电脑运行 curl 时，我得到了curl: (52) Empty reply from server包含域名和 IP 地址的响应。

我用笔记本电脑 ping 了服务器（同时使用 IP 和域名），它们发送/接收数据包。域名与 IP 正确映射。我还使用以下方法验证了这一点nslookup

由于我禁用了 HTTPS，所以 TLS 版本并不重要，不是吗？

此外，我使用 ufw 禁用了防火墙。然后，我查看了规则iptables -L。我是这个领域的新手，但对我来说，远程服务器的结果似乎被设计为接受任何传入连接。

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited