SSL Certificate on Port 8080 on Ubuntu 20.04 with Apache2 - ssl

I have a question: can I use an SSL certificate on port 8080 with Let's Encrypt? I have Varnish on port 80 and Apache2 on ports 8080 and 443.
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1333884/varnishd
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 1168629/systemd-res
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 27647/sshd: /usr/sb
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1837/master
tcp 0 0 127.0.0.1:6082 0.0.0.0:* LISTEN 1333884/varnishd
tcp6 0 0 :::33060 :::* LISTEN 1079271/mysqld
tcp6 0 0 :::3306 :::* LISTEN 1079271/mysqld
tcp6 0 0 :::8080 :::* LISTEN 1335593/apache2
tcp6 0 0 :::80 :::* LISTEN 1333884/varnishd
tcp6 0 0 :::22 :::* LISTEN 27647/sshd: /usr/sb
tcp6 0 0 ::1:25 :::* LISTEN 1837/master
tcp6 0 0 :::443 :::* LISTEN 1335593/apache2
And if I try to install SSL, I get this error:
Domain: my_domain
Type: unauthorized
Detail: Invalid response from
http://my_domain/.well-known/acme-challenge/wtWGU-02etvPPcCMHS_XbDZz6zC6uaFl5sMKwdcwdNw
[ip_address]: 503
I'm pointing the domain with A and AAAA records; it has been almost 24 hours since I pointed it.

Related

HTTPD non available from remote computer

I've just installed Nagios on CentOS 7.
I followed the same procedure used for my test environment.
Only difference between test and prod is that the server was not prepared by me, but was an automatic provisioning.
Anyway, I'm failing to understand why the Nagios web page (and the Apache standard page) is not reachable.
I've already checked with network team for ports blocked and they told me that the traffic is not blocked.
What is wrong with this server?
Here is the config.
# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1503/mysqld
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 12139/httpd
tcp 0 0 127.0.0.1:50000 0.0.0.0:* LISTEN 616/oneagentwatchdo
tcp 0 0 127.0.0.1:50001 0.0.0.0:* LISTEN 616/oneagentwatchdo
tcp 0 0 127.0.0.1:50002 0.0.0.0:* LISTEN 616/oneagentwatchdo
tcp 0 0 127.0.0.1:50003 0.0.0.0:* LISTEN 616/oneagentwatchdo
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1758/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1568/master
tcp6 0 0 :::22 :::* LISTEN 1758/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1568/master
udp 0 0 0.0.0.0:68 0.0.0.0:* 837/dhclient
udp 0 0 127.0.0.1:323 0.0.0.0:* 565/chronyd
udp6 0 0 ::1:323 :::* 565/chronyd
FirewallD is "Inactive".
Even if it was active, the list of ports and services would be:
# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: dhcpv6-client http ssh
ports: 80/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
Iptables is not installed and therefore not active.
SELinux status: disabled
I'm still thinking that there is a block somewhere, but I cannot identify where it could be.

Can I set Tomcat SSL port other than 443 or 8443

I have Plesk on my server that is using both ports as:
#netstat -lnp | grep 443
tcp 0 0 0.0.0.0:8443 0.0.0.0:* LISTEN 5513/sw-cp-server:
tcp6 0 0 :::443 :::* LISTEN 32660/httpd
tcp6 0 0 :::8443 :::* LISTEN 5513/sw-cp-server:
unix 2 [ ACC ] STREAM LISTENING 110443 31339/dovecot /var/run/dovecot/stats
Best regards
Yes, you can. http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html (First Google hit, incidentally)

Apache does not start on EC2

I have a t2.medium EC2 instance which runs Apache. Everything was fine until this morning, but suddenly Apache stopped working and does not restart.
[ec2-user#ip-172-31-3-46 ~]$ sudo service httpd start
Starting httpd: [FAILED]
[ec2-user#ip-172-31-3-46 ~]$ service httpd start
Starting httpd: (13)Permission denied: AH00072: make_sock: could not bind to address [::]:80
(13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
[FAILED]
Then we checked where port 80 is already listening.
[ec2-user#ip-172-31-3-46 ~]$ sudo netstat -tupln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 2204/rpcbind
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2392/sshd
tcp 0 0 0.0.0.0:38935 0.0.0.0:* LISTEN 2225/rpc.statd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2714/sendmail
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 2664/mysqld
tcp 0 0 :::111 :::* LISTEN 2204/rpcbind
tcp 0 0 :::22 :::* LISTEN 2392/sshd
tcp 0 0 :::46232 :::* LISTEN 2225/rpc.statd
udp 0 0 0.0.0.0:68 0.0.0.0:* 2090/dhclient
udp 0 0 0.0.0.0:111 0.0.0.0:* 2204/rpcbind
udp 0 0 172.31.3.46:123 0.0.0.0:* 2416/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 2416/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 2416/ntpd
udp 0 0 0.0.0.0:51407 0.0.0.0:* 2225/rpc.statd
udp 0 0 0.0.0.0:683 0.0.0.0:* 2204/rpcbind
udp 0 0 127.0.0.1:708 0.0.0.0:* 2225/rpc.statd
udp 0 0 :::111 :::* 2204/rpcbind
udp 0 0 :::683 :::* 2204/rpcbind
udp 0 0 :::40147 :::* 2225/rpc.statd
But there is no sign of port 80 in this.
We need to go live today, but this has posed a major problem. Can someone please suggest what to do?
Try this: pidof httpd or pidof apache2 (depending on the distro running on that t2micro AWS instance). If it returns any PID, then kill that PID or those PIDs manually by issuing kill -9 pid, then try restarting Apache. If that doesn't work, you should investigate the Apache logs. That should give you more info about what is preventing Apache from starting and a possible way to fix the issue so you can start Apache. Deploying a new instance is not going to help you start Apache on your current instance and/or figure out the current issue.
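The first post (Varnish on port 80, Apache on 8080 and 443, HTTP-01 challenge answered with a 503) and this EC2 post ("no sign of port 80" in netstat) both come down to the same question: which process, if any, owns a given port on both IPv4 and IPv6. The following parser is an added example, not code from any of the posts; the sample listing is constructed from the rows of the first post, and the `apache2` default for the web server name is an assumption.

```python
import re
from dataclasses import dataclass

# Constructed sample: rows from the first post's `netstat -tunlp` listing
# (Varnish on 80, Apache on 8080 and 443), including one UDP row with no State.
NETSTAT_SAMPLE = """\
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1333884/varnishd
tcp 0 0 127.0.0.1:6082 0.0.0.0:* LISTEN 1333884/varnishd
tcp6 0 0 :::8080 :::* LISTEN 1335593/apache2
tcp6 0 0 :::80 :::* LISTEN 1333884/varnishd
tcp6 0 0 :::443 :::* LISTEN 1335593/apache2
udp 0 0 0.0.0.0:68 0.0.0.0:* 837/dhclient
"""

@dataclass(frozen=True)
class Listener:
    proto: str
    addr: str
    port: int
    pid: int
    program: str  # may be truncated by netstat, e.g. "sshd: /usr/sb"

# UDP rows have no State column, so LISTEN is optional; rows whose owner is
# "-" (netstat run without root) carry no PID and are skipped on purpose.
_ROW = re.compile(
    r"^(tcp6?|udp6?)\s+\d+\s+\d+\s+(\S+):(\d+)\s+\S+\s+(?:LISTEN\s+)?(\d+)/(.+)$")

def parse_netstat(text):
    """Turn `netstat -tulpn` output into Listener records; headers are ignored."""
    rows = []
    for line in text.splitlines():
        m = _ROW.match(line.strip())
        if m:
            proto, addr, port, pid, prog = m.groups()
            rows.append(Listener(proto, addr, int(port), int(pid), prog.strip()))
    return rows

def programs_on(listeners, port):
    """Distinct programs bound to `port` on either IPv4 or IPv6 ([] if free)."""
    return sorted({l.program for l in listeners if l.port == port})

def http01_front_door(listeners, webserver="apache2"):
    """Port 80 is where the ACME HTTP-01 challenge arrives: return the program
    answering there and whether it is the web server holding the webroot."""
    progs = programs_on(listeners, 80)
    if not progs:  # nothing bound to port 80 at all
        return None, False
    return progs[0], webserver in progs
```

Feed it the output of `netstat -tulpn` run as root; an empty list from `programs_on` means the bind failure is not a port conflict, and a `(program, False)` result from `http01_front_door` means the challenge request never reaches the web server directly.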

Gateway Timeout: can't connect to remote host after reboot

I'm running apache2 on a CentOS 6.7 VM. My PHP website was working fine before a reboot but afterwards I'm getting 504 Gateway Timeout.
$ telnet <MYIP> 80
Trying <MYIP>...
Connected to <MYHOSTNAME>.
Escape character is '^]'.
HTTP/1.0 504 Gateway Timeout
Gateway Timeout: can't connect to remote host
Connection closed by foreign host.
I've been googling for hours but can't find anything that works. The website works locally, i.e., if I wget http://localhost:80/.
My iptables is as follows:
$ sudo netstat -plnt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1556/rpcbind
tcp 0 0 0.0.0.0:35443 0.0.0.0:* LISTEN 1578/rpc.statd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1745/sshd
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 1782/postmaster
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1866/master
tcp 0 0 ::ffff:127.0.0.1:8005 :::* LISTEN 2736/java
tcp 0 0 :::8009 :::* LISTEN 2736/java
tcp 0 0 :::111 :::* LISTEN 1556/rpcbind
tcp 0 0 :::80 :::* LISTEN 2854/httpd
tcp 0 0 :::8080 :::* LISTEN 2736/java
tcp 0 0 :::54644 :::* LISTEN 1578/rpc.statd
tcp 0 0 :::22 :::* LISTEN 1745/sshd
tcp 0 0 ::1:5432 :::* LISTEN 1782/postmaster
tcp 0 0 ::1:25 :::* LISTEN 1866/master
Any ideas what could be wrong or how to troubleshoot this?
After having restarted apache many times and trying to set firewall rules again I did both again and it worked.
I've no clue what the issue was so still interested if anyone knows.

Change rabbitmq default port

I'm trying to change rabbitmq to another port, but on some low ports it can't be started, for example 79 or 54 or any port under ~300. It can be started on a port higher than 1000.
Rabbitmq configuration file:
[{rabbit,[{loopback_users,[]},{tcp_listeners,[72]}]}].
captured tcp ports:
# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:3310 0.0.0.0:* LISTEN 9602/clamd
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 10224/nginx
tcp 0 0 0.0.0.0:4369 0.0.0.0:* LISTEN 1938/epmd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1073/sendmail
tcp 0 0 0.0.0.0:50683 0.0.0.0:* LISTEN 7393/sshd
tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN 29876/beam
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 5206/php-fpm
tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN 15475/mongod
logs:
#tailf /var/log/rabbitmq/startup_err
Crash dump was written to: erl_crash.dump
init terminating in do_boot ()
#tailf /var/log/rabbitmq/startup_log
{bad_return,
{{rabbit,start,[normal,[]]},
{'EXIT',
{rabbit,failure_during_boot,
{could_not_start_tcp_listener,{"::",72}}}}}}}