
After some server hardening and installing NGINX (without modifying the configuration), I somehow can't access nginx from outside anymore.

Sadly, I'm not at all an expert in these things. The hardening was done following various manuals / tutorials (setting up ufw, ssh hardening, etc.).

On a local machine, I don't seem to have any problems setting up NGINX and running it locally - so I guess it has to do with the hardening.

After reading through some similar problems, trying out different solutions, etc., I'm still at the beginning: calling the server (via domain or IP) results in a 'page unavailable' after about 1 minute of waiting.

How can I analyze the problem? What information is required to find the bottleneck (whether it's ufw, nginx, or whatever)? The target is to finally see the 'welcome to nginx' page. Do I need a certain ARP entry to be reachable over an external IP?

If you can tell me what commands to execute, I'll add the information below.

Edit: It seems to be a ufw issue. After removing 'deny in to any', nginx seems to be reachable (I thought I had already tried that, but apparently the first time around it didn't work) - the question now is, what port is blocked that is required by NGINX? Port 80 was open; does NGINX require another one to work? (since I would like to close the IN ports not required)

Things I tried out:

/var/log/nginx/access.log and /var/log/nginx/error.log both have no entries

-

# lsof -i:80
COMMAND   PID     USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME
nginx   11512     root    7u  IPv4 3215792      0t0  TCP *:http (LISTEN)
nginx   11513 www-data    7u  IPv4 3215792      0t0  TCP *:http (LISTEN)
nginx   11514 www-data    7u  IPv4 3215792      0t0  TCP *:http (LISTEN)
nginx   11515 www-data    7u  IPv4 3215792      0t0  TCP *:http (LISTEN)
nginx   11516 www-data    7u  IPv4 3215792      0t0  TCP *:http (LISTEN)

-

# ufw status
Status: active

To                         Action      From
--                         ------      ----
3456                       LIMIT       Anywhere
80                         ALLOW       Anywhere
443                        ALLOW       Anywhere
Anywhere                   DENY        Anywhere
3456                       ALLOW       Anywhere (v6)
80                         ALLOW       Anywhere (v6)
443                        ALLOW       Anywhere (v6)
Anywhere (v6)              DENY        Anywhere (v6)

53                         ALLOW OUT   Anywhere
80                         ALLOW OUT   Anywhere
123                        ALLOW OUT   Anywhere
443                        ALLOW OUT   Anywhere
Anywhere                   DENY OUT    Anywhere
53                         ALLOW OUT   Anywhere (v6)
80                         ALLOW OUT   Anywhere (v6)
123                        ALLOW OUT   Anywhere (v6)
443                        ALLOW OUT   Anywhere (v6)
Anywhere (v6)              DENY OUT    Anywhere (v6)

-

# netstat -ltnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      11512/nginx     
tcp        0      0 0.0.0.0:3456            0.0.0.0:*               LISTEN      886/sshd        
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      10909/php-fpm.conf)
Katai
  • I'm not familiar with ufw, but does it have an automatic RELATED,ESTABLISHED rule that isn't listed? `tcpdump` might be a useful tool to determine how far the packets are getting. – Ladadadada Jan 31 '13 at 09:35
  • tcpdump was my first try at analyzing the issue, but I really have no idea what the output was supposed to tell me when I sniffed port 80 - I'll try to get that information for you though, maybe it helps to find the problem. I'll edit my post asap – Katai Jan 31 '13 at 09:41

1 Answer


ufw was the cause of the problem. DENY IN TO ANY caused the issue - I removed the rule and changed it to UFW DEFAULT DENY. Now NGINX seems to be reachable (even though port 80 was always open, even before).

Even if I'm not sure what the difference is (?)

Katai
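The question asks how to work out whether the firewall or the web server is the bottleneck, and the answer pins it on the catch-all DENY rule. The script below is an added example, not part of the question or the answer: it walks the posted `ufw status` table in order (first matching user rule wins, the way ufw evaluates them) and cross-checks the result against the posted `netstat -ltnp` listeners, so for every listening port you get "bound publicly?" and "which ufw rule matched?" in one report. Both inputs are constructed copies of the outputs above; the regexes assume the standard `ufw status` / `netstat` column layouts. It models only user-added rules, not ufw's built-in before-chains (loopback, RELATED/ESTABLISHED, ICMP), so it confirms what the asker saw (port 80 hits an ALLOW before the catch-all DENY) and flags every catch-all rule, but it does not claim to explain why the catch-all still broke things.

```python
"""First-match walk over a ufw rule table, cross-checked with listening sockets.

Constructed inputs: copies of the asker's `ufw status` and `netstat -ltnp`
output. Only user-added ufw rules are modelled; ufw's built-in 'before'
chains (loopback, RELATED/ESTABLISHED, ICMP) are out of scope here.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

UFW_STATUS = """\
Status: active

To                         Action      From
--                         ------      ----
3456                       LIMIT       Anywhere
80                         ALLOW       Anywhere
443                        ALLOW       Anywhere
Anywhere                   DENY        Anywhere
3456                       ALLOW       Anywhere (v6)
80                         ALLOW       Anywhere (v6)
443                        ALLOW       Anywhere (v6)
Anywhere (v6)              DENY        Anywhere (v6)

53                         ALLOW OUT   Anywhere
80                         ALLOW OUT   Anywhere
123                        ALLOW OUT   Anywhere
443                        ALLOW OUT   Anywhere
Anywhere                   DENY OUT    Anywhere
53                         ALLOW OUT   Anywhere (v6)
80                         ALLOW OUT   Anywhere (v6)
123                        ALLOW OUT   Anywhere (v6)
443                        ALLOW OUT   Anywhere (v6)
Anywhere (v6)              DENY OUT    Anywhere (v6)
"""

NETSTAT = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      11512/nginx
tcp        0      0 0.0.0.0:3456            0.0.0.0:*               LISTEN      886/sshd
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      10909/php-fpm.conf)
"""

# One `ufw status` rule line: "<to> <ACTION> [IN|OUT] <from>", with optional "(v6)" tags.
RULE_RE = re.compile(
    r"^(?P<to>\S+(?: \(v6\))?)\s+"
    r"(?P<action>ALLOW|DENY|REJECT|LIMIT)(?: (?P<dir>IN|OUT))?\s+"
    r"(?P<frm>\S+(?: \(v6\))?)\s*$"
)
# One `netstat -ltnp` listener line; captures bind address, port and program name.
LISTEN_RE = re.compile(
    r"^tcp6?\s+\d+\s+\d+\s+(?P<addr>\S+):(?P<port>\d+)\s+\S+\s+LISTEN\s+\d+/(?P<prog>\S+)"
)


@dataclass(frozen=True)
class Rule:
    to: str         # port ("80", "80/tcp") or "Anywhere"
    action: str     # ALLOW / DENY / REJECT / LIMIT
    direction: str  # IN or OUT (ufw prints nothing for IN)
    frm: str
    v6: bool


def parse_ufw_status(text: str) -> List[Rule]:
    """Parse the numbered-order rule table; header and separator lines are skipped."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            continue
        v6 = "(v6)" in m["to"] or "(v6)" in m["frm"]
        rules.append(Rule(m["to"].replace(" (v6)", ""), m["action"],
                          m["dir"] or "IN", m["frm"].replace(" (v6)", ""), v6))
    return rules


def parse_listeners(text: str) -> Dict[int, Tuple[str, str]]:
    """Map listening TCP port -> (bind address, program name)."""
    out = {}
    for line in text.splitlines():
        m = LISTEN_RE.match(line)
        if m:
            out[int(m["port"])] = (m["addr"], m["prog"])
    return out


def first_match(rules: List[Rule], port: int, direction: str = "IN", v6: bool = False) -> Optional[Rule]:
    """Return the first rule (in table order) whose 'To' column covers this port."""
    for r in rules:
        if r.direction != direction or r.v6 != v6:
            continue
        if r.to == "Anywhere" or r.to.split("/")[0] == str(port):
            return r
    return None


def inbound_verdict(rules: List[Rule], port: int, v6: bool = False) -> str:
    r = first_match(rules, port, "IN", v6)
    return r.action if r else "DEFAULT"   # DEFAULT = falls through to `ufw default` policy


def catch_all_denies(rules: List[Rule]) -> List[Rule]:
    """Explicit 'deny to any' rules: the kind the answer above removed in favour of the default policy."""
    return [r for r in rules if r.to == "Anywhere" and r.action in ("DENY", "REJECT")]


def reachability(rules: List[Rule], listeners: Dict[int, Tuple[str, str]]) -> Dict[int, dict]:
    """Per listening port: is it bound on a public address, and what does ufw do with it?"""
    report = {}
    for port, (addr, prog) in sorted(listeners.items()):
        verdict = inbound_verdict(rules, port)
        bound_publicly = addr in ("0.0.0.0", "::", "*")   # 127.0.0.1 is never reachable from outside
        report[port] = {"program": prog, "bind": addr, "ufw": verdict,
                        "reachable": bound_publicly and verdict in ("ALLOW", "LIMIT")}
    return report


if __name__ == "__main__":
    rules = parse_ufw_status(UFW_STATUS)
    for port, info in reachability(rules, parse_listeners(NETSTAT)).items():
        print(f"port {port:>5} {info['program']:<14} bind={info['bind']:<10} "
              f"ufw={info['ufw']:<8} reachable={info['reachable']}")
    for r in catch_all_denies(rules):
        print(f"catch-all {r.action} {r.direction} rule present ({'v6' if r.v6 else 'v4'})")
```

Run it as-is to see that port 80 (nginx) and 3456 (sshd) pass the firewall walk while 9000 (php-fpm) is loopback-only and irrelevant to external reachability; to check a real host, paste that host's own `ufw status` and `netstat -ltnp` output into the two constants.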