Cannot access httpd on server [SOLVED]

General support questions
Post Reply
rtcary
Posts: 140
Joined: 2005/10/13 18:40:55
Contact:

Cannot access httpd on server [SOLVED]

Post by rtcary » 2018/02/18 00:34:05

I'm in the process of reinstalling Linux 7 on my server; in particular, LAMP. I can ping my server with

192.168.1.22 but not with
192.168.1.22:80

I have disabled selinux
firewall-cmd --list-all gives

public (active)
target: default
icmp-block-inversion: no
interfaces: enp0s25 wlp2s0
sources:
services: ssh dhcpv6-client
ports: 80/tcp 443/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

iptables -S gives

-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N FORWARD_IN_ZONES
-N FORWARD_IN_ZONES_SOURCE
-N FORWARD_OUT_ZONES
-N FORWARD_OUT_ZONES_SOURCE
-N FORWARD_direct
-N FWDI_public
-N FWDI_public_allow
-N FWDI_public_deny
-N FWDI_public_log
-N FWDO_public
-N FWDO_public_allow
-N FWDO_public_deny
-N FWDO_public_log
-N INPUT_ZONES
-N INPUT_ZONES_SOURCE
-N INPUT_direct
-N IN_public
-N IN_public_allow
-N IN_public_deny
-N IN_public_log
-N OUTPUT_direct
-A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j INPUT_direct
-A INPUT -j INPUT_ZONES_SOURCE
-A INPUT -j INPUT_ZONES
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -d 192.168.122.0/24 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT
-A FORWARD -i virbr0 -o virbr0 -j ACCEPT
-A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -j FORWARD_direct
-A FORWARD -j FORWARD_IN_ZONES_SOURCE
-A FORWARD -j FORWARD_IN_ZONES
-A FORWARD -j FORWARD_OUT_ZONES_SOURCE
-A FORWARD -j FORWARD_OUT_ZONES
-A FORWARD -m conntrack --ctstate INVALID -j DROP
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A OUTPUT -o virbr0 -p udp -m udp --dport 68 -j ACCEPT
-A OUTPUT -j OUTPUT_direct
-A FORWARD_IN_ZONES -i enp0s25 -g FWDI_public
-A FORWARD_IN_ZONES -i wlp2s0 -g FWDI_public
-A FORWARD_IN_ZONES -g FWDI_public
-A FORWARD_OUT_ZONES -o enp0s25 -g FWDO_public
-A FORWARD_OUT_ZONES -o wlp2s0 -g FWDO_public
-A FORWARD_OUT_ZONES -g FWDO_public
-A FWDI_public -j FWDI_public_log
-A FWDI_public -j FWDI_public_deny
-A FWDI_public -j FWDI_public_allow
-A FWDI_public -p icmp -j ACCEPT
-A FWDO_public -j FWDO_public_log
-A FWDO_public -j FWDO_public_deny
-A FWDO_public -j FWDO_public_allow
-A INPUT_ZONES -i enp0s25 -g IN_public
-A INPUT_ZONES -i wlp2s0 -g IN_public
-A INPUT_ZONES -g IN_public
-A IN_public -j IN_public_log
-A IN_public -j IN_public_deny
-A IN_public -j IN_public_allow
-A IN_public -p icmp -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT

Have I missed something in the setup? Should I run another tool?

Thank you
Last edited by rtcary on 2018/02/19 15:48:12, edited 1 time in total.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Cannot access httpd on server

Post by TrevorH » 2018/02/18 00:43:33

You can't ping an ip address with a port. Ping doesn't use tcp, it uses icmp which is a totally different thing and doesn't really have ports as such.

If you want to test tcp connectivity then use telnet as that does take an ip address and a port though not using the : syntax, it's two separate parameters.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

hunter86_bg
Posts: 2019
Joined: 2015/02/17 15:14:33
Location: Bulgaria
Contact:

Re: Cannot access httpd on server

Post by hunter86_bg » 2018/02/18 00:56:19

I would recommend you to do :
1.Enable SELinux and do a relabel
2.Disable the 2 standalone ports and enable the 2 services -> http and https (OPTIONAL)
3.Use curl to test your httpd server. Please note that testing should be done from another machine.

rtcary
Posts: 140
Joined: 2005/10/13 18:40:55
Contact:

Re: Cannot access httpd on server

Post by rtcary » 2018/02/18 16:25:37

Unfortunately, I have misplaced my notes on setting up Linux 7 and LAMP so there are some aspects I cannot remember i.e. setting up httpd. Following one of the online guides, there is no reference to setting up Apache other than downloading and install it (which I have done). The assumption is made in the guide that the www location is /var/www/html, however I recall that there was a setup.

My router is setup for port 80 to be 192.168.1.22. Have I missed something?

My testing is done by other computers on my home LAN.

[For background, I'm not a user with deep Unix knowledge; rather I'm a retired software developer and have used my simple home/office computer to test my websites and MySQL structures.]

www.toddcary.com is my url

\rtc

rtcary
Posts: 140
Joined: 2005/10/13 18:40:55
Contact:

Re: Cannot access httpd on server

Post by rtcary » 2018/02/18 20:59:02

Apache is working; my test page is not.

Sorry...

\rtc

lightman47
Posts: 1521
Joined: 2014/05/21 20:16:00
Location: Central New York, USA

Re: Cannot access httpd on server

Post by lightman47 » 2018/02/18 22:43:56

Lacking here is how you determined that you test page isn't. If you mean that you can get to it from INSIDE your locale network, but not from the Internet - then perhaps you've not forwarded the port through your router ??

If you do get the Apache Test page but not your customized page, there could be multiple reasons. More details would be helpful. How are you trying to get to it, from where (internal/external), etc. Details are your best friend.

rtcary
Posts: 140
Joined: 2005/10/13 18:40:55
Contact:

Re: Cannot access httpd on server

Post by rtcary » 2018/02/18 22:53:58

Sorry for the lack of details. Like most details, it was the loose nut in the chair! My test had a typo — removed the test and the Apache kicked in. Then I looked carefully at the test, found and fixed the typo making all fine except the loose nut.

http://www.toddcary.com — it works!

Post Reply