AI Zone Admin Forum Add your forum

NEWS: survey on 3000 US and UK consumers shows it is time for chatbot integration in customer service!read more..

Client access to EC2 Server - Not communicating

question resubmitted below.


  [ # 1 ]

see below


  [ # 2 ]

I am trying to access my ec2 instance in PHP from a different machine via fsockopen, pointed at my ec2 public IP (I have an Elastic fixed IP address) and designated port. I am using the boiler plate files.

Behaviour: I can access the server and the application running inside from within the instance, via the public IP directly on the browser. But if I run the exact same webpage with the exact same socket call on an external machine targeting my instance’s IP address (correct one) I get a 500 Internal Server Error when connecting on port 1024 (for my custom TCP connection), another 500 on port 443 (HTTPS). On port 80 (HTTP) it hangs 20+ seconds then gives me status 200 success, except it does not connect properly to the application and responds with nothing.

I have set up my security group rules to accept incoming TCP from anywhere ( and ::/0) on ports 1024/80/443.
I ssh without problems into the instance on port 22. SCP also worked.
Checked $sudo service httpd status: running
Checked $sudo /sbin/iptables -L and all my policies are set to ACCEPT with no rules
Checked $ netstat—listen -p and the app I am targeting is listening on port
Checked Network Utility and ports 80 and 1024 are registered as open. Port 443 is not. Pinging did not work, with 100% packet loss.
I stopped and restarted the instance. I replaced the instance. Checked my instance is associated to the security group with all the permissions - it is. IP is clearly correct or I could neither ssh nor serve webpages… which I can.
I tried changing the port to 80 by doing ./LinuxChatScript64 port=80, but instead of starting CS I get “CommandLine: /home/ec2-user/ChatScript” and “evcalled pid: 4042”, then back, with the bot not building.

I think this is due diligence before asking for help… now I would be grateful for it…


  [ # 3 ]

Suggestion: Try repeating the process by compiling a simple testbot that just echoes back what you send it, or something like that, and see if that fails too.  If it does fail, that suggests the problem is not the CS bot, it’s with the hosted domain programming.  Don’t give up.  You’re doing good work.


  [ # 4 ]

That is a test bot. I have used the WEBINTERFACE/BETTER bot supplied by CS. Pretty simple - doesn’t get much simpler. Hosted domain programming is literally a clone. I think the issue is related to how CS plays with ec2. I’m missing something. Works fine in the public DNS. Not accessible outside. Not sure if I need to get it to run on port 80, or how, since ./LinuxChatScript64 port=80 doesn’t build the bot.


  [ # 5 ]


This may help:

To allow traffic on port 80 and 443, you must configure the associated security group and network access control list (network ACL).

Read more about this resolution to enable ports 80 (HTTP) and 443 (HTTPS) here…



  [ # 6 ]

Thank you Guru. My Outbound rules are set up as you suggest I believe:
HTTP (80) TCP 80
HTTP (80) TCP 80 ::/0
HTTPS (443) TCP 443
HTTPS (443) TCP 443 ::/0
Custom (1024) TCP 1024
Custom (1024) TCP 1024 ::/0

Am I missing something?


  [ # 7 ]

You mentioned, “ChatScript is listening on port” I think you meant, host IP address.  So, if port number 1024 is unused, then your users must supply that port number.



  [ # 8 ]

Thanks for the feedback and sorry if I’m being obtuse. What do you mean my users must supply the port number? What would you change? I have tried pointing “host” in ui.php at ports 80, 443 and 1024.  443 and 1024 get a 500 error and 80 a 200 that returns nothing from CS. When I tried to change the port in the CS Linux run command, the bot would not build. At a loss.


  [ # 9 ]

Your users must specify the port numbers in the URL,
unless they are the standard HTTP and HTTPS ports 80 or 443.

Some examples:



  [ # 10 ]

Dont really know what the problem is.  Default of course is on 1024 port so references to HTTP ports like 80 and the like are irrelevant.  Assigning a port on the run command does not “build the bot” if you really meant build (which I doubt).  But for now I would not do anything based off a different port. 1024 should be a fine port to be using.

Since CS works with your pages on the same machine, clearly the CS server is “running”. Which suggests a security issue of some kind. While I admit it sounds like you have good settings, and I am not an expert in this area, the only additional thing I can offer is to log into your machine and look around, and try talking to it from an arbitrary machine (my laptop) using a chatscript client and see what happens.  If you want to temporarily change your login data I you could email me your stuff and I could log in and browse.


  [ # 11 ]

Thannks Planet for the help. Isn’t that what the UI.php file in the WEBINTERFACE directory of CS is doing via fsockopen()? That is why you set a host and port. The user goes to on their normal http or https connection, and the UI displays an input form (index.php) which captures the input from the user and then forwards it to the specifc machine (ec2 server) and port we specify. That saves the users having to specify any ports.

The problem is that the handshake between the server hosting and the ec2 server seems to be lost in translation. When I specify port 80 or 443, it recognises and accepts at least 80, with a 200 response, but the message misses ChatScript. My hunch is I need to point the CS engine to run on port 80 in the server machine… but CS won’t let me in spite of manuals suggesting it should.  My understanding is that CS documentation says to type

./LinuxChatscript64 port=80

But that is recognised as a run command in the console, yet it does not build the bot (unlike appending “local”, which works).

Do you know how to change the port CS runs in?


  [ # 12 ]

Thanks Bruce, that is really helpful.

I guess I meant compile not build? It just won’t start. Still fuzzy on the engine under the hood.

Yes, my hunch is that 1024 should be working. Not sure why it isn’t. I would be very happy to give you access, it is purely a test server and bot, and once I work it out I can spin up another.  What info do you need?

DNS is
public IP is

I haven’t set up a cron job for CS to autostart, but it is running now.

Let me know if you want to ssh in, or get into AWS.

And once more thank you.


  [ # 13 ]

what I’m seeking is how to actually log in as you, browse the AWS security settings etc. obviously dont post your login details here, just email me at .(JavaScript must be enabled to view this email address)  I might want to ssh in.


  [ # 14 ]

If the port numbers aren’t blocked, running non-privileged, uses iptables to port forward 80 to 1024.


  [ # 15 ]

OK Bruce, I’ve emailed you my details, with my thanks.

Planet, as far as I can tell from the diagnostics I mentioned iptables are entirely unrestricted, with Accept policies and no filters for everything. Security group has fully open inbound rules. Nothing else is running on the server, so ports should not be blocked, and 1024 is definitely open and listening, just not to me wink


 1 2 3 > 
1 of 3
  login or register to react
‹‹ ChatScript vs ML      Naïve question ››