1

Os system of ecs server :ubuntu. Os of my computer:win10. I deployed my web project to my ecs server. I could access my project online until I installed the ufw on my ecs server. I configured the firewall using ufw command and the configuration showed as below. When I visited my project ,it showed "I can't access this website".

root@....:~# ufw status
Status: active

To                         Action      From
--                         ------      ----
3306                       ALLOW       Anywhere                  
80                         ALLOW       Anywhere                  
8080                       ALLOW       Anywhere                  
23                         ALLOW       Anywhere                  
443                        ALLOW       Anywhere                  
3306 (v6)                  ALLOW       Anywhere (v6)             
80 (v6)                    ALLOW       Anywhere (v6)             
8080 (v6)                  ALLOW       Anywhere (v6)             
23 (v6)                    ALLOW       Anywhere (v6)             
443 (v6)                   ALLOW       Anywhere (v6)

When i visited my project using my win10 computer,it showed "I can't access this website".Then I click the "windowns network diagnosis".It said"The remote computer is not accepting connections on port 80, either due to firewall or security policy settings, or because the service may be temporarily unavailable. Windows can't find any problems with the computer's firewall." But the 80 port is open!So ,Where is the problem? Here is the nginx configuration after I excute the command "nginx -T":

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
user  nginx;
worker_processes  auto;
error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;
events {
    worker_connections  1024;
}
http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
access_log  /var/log/nginx/access.log  main;
sendfile        on;
#tcp_nopush     on;
keepalive_timeout  65;
#gzip  on;
#include /etc/nginx/conf.d/*.conf;
server{
    listen 80;
    location /{
            root   /usr/local/nginx/html;
            index  index.html;
                }
    location /api/ {
           proxy_pass http://127.0.0.1:8080/;
                 }
        }
}

Thank you for your suggestions.I will wait online.

Abner
  • 11
  • 3
  • 1
    For a lengthy approach to debugging connectivity and firewall issues see an older answer of mine here: https://serverfault.com/a/1109720/37681 - and – HBruijn Sep 08 '22 at 10:52
  • What does `curl -v url` say. Is there a webserver running like apache or nginx? Check with netstat if you have something listening on port 80 `sudo netstat -lntup | grep ":80"` – Ace Sep 08 '22 at 23:03
  • @Ace Failed to connect to ip port 80:Timed out – Abner Sep 08 '22 at 23:10
  • tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 7733/nginx: worker – Abner Sep 08 '22 at 23:10
  • You need to look at your webserver configuration, it's not listening on port 80. – Ace Sep 08 '22 at 23:16
  • I added the configuration of nginx to my description. But,”server listien 80“ is in the configuration. – Abner Sep 08 '22 at 23:25
  • What your connection url is look like? Do you use **https**? If so your nginx should listen 443 and ssl configured. – gapsf Sep 09 '22 at 05:52
  • I bought a ecs server which gave me its ip.I vist my website through ip in the chrome.I guess I use http. – Abner Sep 13 '22 at 00:55

1 Answers1

0

If you are trying to access your ECS server securely (ssl connection), you might need to also open TCP port 443 to allow your browser to use https.

Luca Ricci
  • 65
  • 5
  • I have opened the 443,but it didn't work.I have added some details in my problem description.You can see it. – Abner Sep 08 '22 at 22:58