website is not loading

agriz · 12-01-2011, 04:36 AM

Hi

I have done the following

1) Changed ssh port
2) disabled root login through ssh
3) Installed few firewalls
4) block everything in iptables except 80,8080 and ssh port
5) Finally installed apache php mysql and phpmyadmin

Started the services but when hitting the ipaddress in the browser, i don't see any output

I have just added a index.html in /var/www/html/index.html

acid_kewpie · 12-01-2011, 05:29 AM

what would ssh have to do with apache? you need to appreciate what is and what is not relevant here.

is apache running? What does "any output" mean? clearly *something* must happen. where are you browsing from? can you ping the box? etc.?

agriz · 12-01-2011, 05:35 AM

SSH has nothing to do. I just wanted to tell whatever i did in the order.
httpd is running

I guess, I should have missed some settings or something should be blocking 80. I am not able to find those things

When i type the ip address in the url (domain is not configured to nameservers right now)
I am getting the following

Quote:

Oops! Google Chrome could not connect to xxx.xxx.xxx.xxx

When i ping my ip address, I am getting result

Quote:

64 bytes from xxx.xxx.xxx.xxx: icmp_seq=1 ttl=64 time=0.019 ms
64 bytes from xxx.xxx.xxx.xxx: icmp_seq=2 ttl=64 time=0.032 ms
64 bytes from xxx.xxx.xxx.xxx: icmp_seq=3 ttl=64 time=0.024 ms
64 bytes from xxx.xxx.xxx.xxx: icmp_seq=4 ttl=64 time=0.012 ms

Additionally,

/etc/hosts

Quote:

xxx.xxx.xxx.xxx server1.example.com server1

The public DNS are 4.2.2.2 and 4.2.2.1

acid_kewpie · 12-01-2011, 05:52 AM

so what are your iptables rules? does netstat show apache is listening? can you telnet to the port from your client? can you connect from the server itself?

agriz · 12-01-2011, 05:59 AM

Quote:

httpd 12697 root 4u IPv6 99363 0t0 TCP *:80 (LISTEN)

I don't see any IPv4
is that normal?

agriz · 12-01-2011, 06:01 AM

Iptable rules

Quote:

iptables -p input drop

Quote:

iptables -a input i eth0 -p tcp --dport 80 -j accept

Quote:

iptables -a input i eth0 -p tcp --dport 8080 -j accept

Quote:

iptables -A INPUT -p tcp --dport 22 -m recent --set --name ssh --rsource
iptables -A INPUT -p tcp --dport 22 -m recent ! --rcheck --seconds 60 --hitcount 4 --name ssh --rsource -j ACCEPT

I can connect to the server from home using ssh.
I don't have telnet in server, bash: telnet: command not found

agriz · 12-01-2011, 06:21 AM

I just stopped iptables and it is working.
What could be the reason?
Is someother port needed except 80?

How do i delete all the iptables rules to create new rules freshly?

acid_kewpie · 12-01-2011, 06:48 AM

I don't know what the reason is, as you've not shown me the actual rules, just your additions.

iptables -Lnv

What distro is this on?

agriz · 12-01-2011, 06:49 AM

I have restarted IPTables now

iptables -Lnv
iptables: No chain/target/match by that name.

deep27ak · 12-01-2011, 07:03 AM

Quote:

Originally Posted by agriz

I just stopped iptables and it is working.
What could be the reason?
Is someother port needed except 80?

How do i delete all the iptables rules to create new rules freshly?

you can try this

Code:

# iptables -D input i eth0 -p tcp --dport 80 -j accept

and add a new rule

Code:

# iptables -A INPUT -i eth0 -d 192.168.0.0/24 -p tcp --dport 80 -j ACCEPT

(make changes in the range as per your network)

acid_kewpie · 12-01-2011, 07:19 AM

well as you've stopped iptables there are no rules to show... start it again.

agriz · 12-01-2011, 08:36 AM

Server is down. I will update soon.

agriz · 12-01-2011, 11:27 AM

Quote:

service iptables start

Quote:

iptables -Lnv

Quote:

No chain/target/match by that name.

Quote:

iptables -D input -i eth0 -p tcp --dport 80 -j accept

Quote:

iptables v1.4.7: Couldn't load target `accept':/lib64/xtables/libipt_accept.so: cannot open shared object file: No such file or directory

I don't have any rule in iptables now?

agriz · 12-01-2011, 01:12 PM

I am using CentOS 6

d3vrandom · 12-01-2011, 06:36 PM

Post the output of:

Quote:

iptables -nL

The others gave you the wrong command..