We are using cPanel with CSF Firewall.
The port 443 getting blocked in CSF firewall and all the websites running with https getting stooped automatically.
There is no issue with port 80 and websites running without SSL working fine.
If we restart the CSF firewall, the websites are started working again. But after sometime again facing the same issue.
You can open ports via CSF in /etc/csf/csf.conf:
TCP_IN = "80,443"
After appending ports you have to execute this command to apply your changes:
csf -r
Related
I'm attempting to get Xdebug connecting to my PhpStorm from an EC2 instance.
I have opened up port 9000 on the security group tied to the EC2 instance.
Prior to opening it up with UDP, I would get:
telnet: connect to address <IP>: Connection refused
telnet: Unable to connect to remote host```
After opening it up, I get:
Trying <IP>... and it just hangs there.
I port forwarded 9020 internally to 9000 externally to see if that would give any different results (since I can't find a setting on the router for simply opening up ports)
My xdebug.ini setting is located at: /etc/php-5.6.d/50-xdebug.ini (yes, very old version of PHP that I have to work with here).
My xdebug.ini contains this:
xdebug.remote_autostart=on
xdebug.remote_enable=on
xdebug.idekey=PHPSTORM
xdebug.remote_connect_back = On
xdebug.remote_port=9000
xdebug.remote_handler=dbgp
xdebug.remote_mode = req
I'm using PhpStorm, and have it listening on port 9020 now (tried 9000 prior to port forwarding with the same result).
I have the Xdebug browser extension installed and have it set to PHPSTORM.
I have stop on first line turned on, as well as breakpoints just in case.
Xdebug is set to listen.
When I hit the PHP page from my browser, nothing happens. I've had this working dozens of times, but never from an EC2 instance. Any idea what I missed?
I have Centos7 VM built using vagrant with private IP address of:192.168.56.255
I am running my Spring boot application on that VM on port 8443. It supports HTTPS. My issue is that when try to send https requests to 192.168.56.255 web server via Curl command i got
curl: (7) Couldn't connect to server
I have read many tutorials that explain how to configure my Firewall in Cento7 but still got the same issue one is provided by DigitalOcean
When I type
sudo firewall-cmd --list-all-zones
I got
public
target: default
icmp-block-inversion: no
interfaces:
sources:
services: ssh dhcpv6-client https http mysql
ports: 8443/tcp 3306/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
As you can see I enabled everything I need and more but still. I even shut down the Firewall but still the connection is refused from my host.
When I made the changes I did reload my firewall
sudo firewall-cmd --realod
So that is not the problem
The problem was not with the Firewalld but with the pre-configured IP address using Vagrant.
The IP address should not be 255 in the first byte as I did 192.168.56.255
because that indicates that this is a broadcast address. So i solved it by changing it to 192.168.56.10
I'm trying to connect to a WebSocket server (PHP / Wrench) running on my webserver.
The configuration of the server looks like this:
$server = new \Wrench\Server("wss://localhost:8443");
$server->registerApplication('app',
new \Wrench\Application\EchoApplication());
$server->run();
I'm using port 8443 because I can't use 80 or 443 (Permission denied). The domain uses HTTPS so I have to use the wss: protocol.
I have no problem connecting to the PHP server when I run the script on my local machine (I just have to replace wss: by ws:).
When I run the server via SSH on my remote webserver, it seems to run correctly, but trying to connect to it via JS with the following call doesn't work:
var ws = new WebSocket("wss://dev.mydomain.net:8443/app");
I get an "Error in connection establishment: net::ERR_CONNECTION_REFUSED."
On my webserver panel control, the 8443 port (TCP) is open (in and out). When the PHP server is running, the command netstat -a | grep 8443 gives the following output, which I think should confirm it's open:
tcp 0 0 localhost:8443 *:* LISTEN
Is there an obvious detail I'm missing here?
I finally found a solution: instead of setting the URI of the server to localhost, I had to use 0.0.0.0. Now it works perfectly when I'm using HTTP (there's another problem when using HTTPS, but at least I have more information at this point).
I have a Centos 7 OS configured on VirtualBox machine. I have installed X509 certificate using Openssl tool and configured the apache HTTPD server.
I connect to Centos7 guest on VirtualBox via SSH on my local MAC OSX Seirra (10.12.3) on terminal using root. I have verified that /etc/host on my MAC is correctly pointing to the guest on VirtualBox. Also verified the port forwarding on VirtualBox and they are all setup correctly for allowing traffic on 80 (http) and 443 (https) and 22 (ssh).Also I have made sure that Apache user has proper previleges on the index.html and other folders under DocumentRoot folder. I have also verified that /etc/host on my MAC is correctly pointing to a guest running on VirtualBox.
I have set the firewall to :
setenforce 0
So hopefully it is not a SELinux issue.
Then I run following command on terminal as root user of my Centos7 OS :
curl https://localhost -k
and I do get the default index.html file content.
But then, when I go to my MAC OS browser to connect to VirtualBOX website on HTTPS, I see following message on Chrome browser :
This site can’t be reached localhost refused to connect.
Please note that I can connect to my Vbox CentOS HTTPD server on HTTP.
So what is going wrong here when trying to access the apache server using HTTPS?
You must enable access to https using firewall-cmd:
# firewall-cmd --permanent --add-service=https
or
# firewall-cmd --permanent --add-port=443/tcp
then reload the rules
# firewall-cmd --reload
Try this once.
systemctl stop firewalld
After that try to access website.
I am trying to run putty on Windows 7.
I need to run some SSH commands to upgrade Magento. Every time putty gives me this fatal error:
network error: connection refused
I have even tried to use it through winSCP. Note that putty is running fine on my client's side, but for me it's giving me that error every time.
I tried using port 22, 23 and a few others without success. I have also tried with Windows Firewall both enabled and disabled.
Thank you.
Install open-ssh or ssh in target Linux machine solved my problem .
Use below commands:
sudo apt install ssh
sudo systemctl status ssh
sudo systemctl enable ssh
The following are the list of possibilities of this error:
1) Common cause is - Your IP is blocked or not whitelisted in the server which can be done by editing the file at /etc/csf/csf.conf
2) Disable the windows firewall settings and check..
The above two things should work in most of the cases
3) This is very unusual and when the above two options fails it is very difficult to find the solution
In this case the traceroute to the server host or IP works usually but putty fails
port 22 looks normal and working but connection fails and restarting SSH (service ssh restart) also does not work
reboot or restart the server but still fails
Adding IP in firewalls or whitelisting the local IP may not workout
This case generally happens when the server is migrated or new server. IP of the old server might be whitelisted locally, but don't have port 22 open, or some other local filtering is occurring for this new IP but not the old server IP..
In this case you need to change the port to some 522 or 530 some unusual port will help in sorting it out.. The same port you have to use for the SFTP connection also .. where as FTP connections works normally..
or you have to whitelist the IP locally or open the TCP in and out to port 22 if you want to use the port 22..