发表新帖
发表新帖

apache not accepting incoming connections from outside of localhost

前端 未结
关注
11 895
逝去的感伤
逝去的感伤 2020-12-04 05:59

I\'ve booted up a CentOS server on rackspace and executed yum install httpd\'d. Then services httpd start. So, just the barebones.

I can ac

相关标签:
11条回答
  • 孤独总比滥情好
    2020-12-04 06:53

    SELinux prevents Apache (and therefore all Apache modules) from making remote connections by default.

    # setsebool -P httpd_can_network_connect=1
    0 讨论(0)
  • 情话喂你
    2020-12-04 06:55

    this is what worked for us to get the apache accessible from outside:

    sudo iptables -I INPUT 4 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
sudo service iptables restart
    0 讨论(0)
  • 孤街浪徒
    2020-12-04 06:57

    If you are using RHEL/CentOS 7 (the OP was not, but I thought I'd share the solution for my case), then you will need to use firewalld instead of the iptables service mentioned in other answers.

    firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload

    And then check that it is running with:

    firewall-cmd --permanent --zone=public --list-all

    It should list 80/tcp under ports

    0 讨论(0)
  • 醉梦人生
    2020-12-04 07:01

    CentOS 7 uses firewalld by default now. But all the answers focus on iptables. So I wanted to add an answer related to firewalld.

    Since firewalld is a "wrapper" for iptables, using antonio-fornie's answer still seems to work but I was unable to "save" that new rule. So I wasn't able to connect to my apache server as soon as a restart of the firewall happened. Luckily it is actually much more straightforward to make an equivalent change with firewalld commands. First check if firewalld is running:

    firewall-cmd --state

    If it is running the response will simply be one line that says "running".

    To allow http (port 80) connections temporarily on the public zone:

    sudo firewall-cmd --zone=public --add-service=http

    The above will not be "saved", next time the firewalld service is restarted it'll go back to default rules. You should use this temporary rule to test and make sure it solves your connection issue before moving on.

    To permanently allow http connections on the public zone:

    sudo firewall-cmd --zone=public --permanent --add-service=http

    If you do the "permanent" command without doing the "temporary" command as well, you'll need to restart firewalld to get your new default rules (this might be different for non CentOS systems):

     sudo systemctl restart firewalld.service

    If this hasn't solved your connection issues it may be because your interface isn't in the "public zone". The following link is a great resource for learning about firewalld. It goes over in detail how to check, assign, and configure zones: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-7

    0 讨论(0)
  • 梦谈多话
    2020-12-04 07:01

    Set apache to list to a specific interface and port something like below:

    Listen 192.170.2.1:80

    Also check for Iptables and TCP Wrappers entries that might be interfering on the host with outside hosts accessing that port

    Binding Docs For Apache

    0 讨论(0)
 看不清?
提交回复
热议问题