I have found I can no longer access my home server website externally and internally. I can ftp the directory and html pages, access the site using putty every thing is fine. When I type in 'sudo nmap -p 80 192.168.1.3' to check the port I am told

PORT STATE SERVICE
80/tcp closed http

so I assume that a firewall somewhere on my server is blocking port 80 but I don't seem to be able to find where this is occurring.
I have checked related posts in this forum but none seem to help.

Welcome to LQ.

What changed?
Are you running any firewalls - check them - check hardware routers etc for built in firewalls - do you use any automatic updates?

WHat changed, good question, I am not sure I am using Ubuntu server software I have been updating regularly myself. its using a shorewall firewall and I put in
'ACCEPT net $FW tcp 80' in to the rules file.

I've checked the iptables and have put in
ACCEPT tcp -- anywhere anywhere tcp dpt:www
but still no luck when I check the port.

If you turn off both firewalls, can you connect? Is you web server running? Is it listening on the external IP? Can you get to it by IP from the server?

Let us know,

Forrest

Hi Forrestt,
If you turn off both firewalls, can you connect?
I turned of shorewall and checked port80 - still blocked
I don't know how to turn of the other firewall you refer to.
I did try 'sudo iptables -F' to flush out the iptables all that did is hang the server requiring a reboot.

Is you web server running?
yes it is running I can connect using putty and mozilla ftp. I can look into the www directory. Start the index.html file using knome on the server so all is fine except for the port being closed.


Is it listening on the external IP?
I put 'Listen 80' in the httpd.conf file.

Can you get to it by IP from the server?
not sure what you mean here.

I am just blundering through here so sorry if I don't always understand how things are done.

Sorry, I didn't mean was the hardware running, I meant was the httpd running. You can connect with putty (sshd is running) and ftp (ftpd is running) without being able to connect to the web server (httpd is NOT running). By "Can you get to it by IP from the server?" I mean, if you go to the server console, open up firefox and type in the IP address of the server, do you get a page?

Forrest

I think iptables (if running) can be switched off with:

You could first check the status of iptables

This will tell you whether it is running.

Hi Harry,
I tried
'sudo service iptables stop'
and I get '$iptables: unrecognized service'

Hi Forrestt,
I typed in http://192.168.1.3
and I get 'refused connection'


If I type in to connect to http://google.com it connects without any trouble.

It sounds like your web server isn't running. Look at your error logs to see why.

Forrest

Can you tell me how I access the error logs forrestt?

They should be in "/var/log/httpd".

HTH

Forrest

Firewall is the first place I would check.

jaymarting, I agree, but since he's turned them off and still gets a connection refused, we're past that point.

Forrest

Hi Forrest,
I tried to look in the /var/log/httpd directory but I don't have one.
I did look in var/log/ directory
I then tried to connect to the webserver and checked the logs that updated when I tried to look at the web page but couldn't see anything of relevance with my limited understanding.

refering to your comment to jaymarting forrestt about turning the firewalls off I turned off shorewall but I don't know what others to turn off.

netstat -an | grep -E ':80|:443'


That should tell us whether ANYTHING is listening or active on port 80 or 443


Cheers,
Tink