I have VestaCP and Debian 9 just installed. I have installed ufw and opened port 443. In VestaCP> Firewall I have verified that it is open I have added port 443 to iptables
sudo iptables -A INPUT -p tcp --dport 443 --jump ACCEPT
Check with nmap or telnet and it’s always closed … why? What’s going on? Can somebody help me?
Thanks!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hi, were you able to fix the port 443 problem for vestacp? I am installing the centos and something similar happens to me; I can’t even load the vesta login page.
Sorry, but I use Linux on desktop and I’m testing on server. I have only instilled the debian 9 dropplet and installed vesta. Then install uwf and added to iptables. Only that.
The vestacp firewall (web version) shows port 443 open.
To allow outgoing connections … how is it done? with uwf?
I can ping all ports except 443. The ip is this: 174.138.39.157
I think the main problem is that at some point that port is closed. I don’t know if it’s the operating system, apache, vestacp … I don’t know :(
Forgive me my ignorance. And my English too, I am Spanish.
Thank you very much!
telnet localhost 443
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
**iptables -L **
Chain INPUT (policy DROP)
target prot opt source destination
f2b-sshd tcp -- anywhere anywhere multiport dports ssh
fail2ban-SSH tcp -- anywhere anywhere tcp dpt:ssh
fail2ban-VESTA tcp -- anywhere anywhere tcp dpt:5600
fail2ban-MAIL tcp -- anywhere anywhere multiport dports smtp,urd,submission,2525,pop3,pop3s,imap2,imaps
fail2ban-FTP tcp -- anywhere anywhere tcp dpt:ftp
fail2ban-VESTA-ADMIN tcp -- anywhere anywhere tcp dpt:5600
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- 10.10.0.5 anywhere
ACCEPT all -- 174.138.39.157 anywhere
ACCEPT all -- localhost anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:5600
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere multiport dports ftp,12000:12100
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT tcp -- anywhere anywhere multiport dports smtp,urd,submission,2525
ACCEPT tcp -- anywhere anywhere multiport dports pop3,pop3s
ACCEPT tcp -- anywhere anywhere multiport dports imap2,imaps
ACCEPT tcp -- anywhere anywhere multiport dports mysql,postgresql
DROP tcp -- anywhere anywhere tcp dpt:8083
ACCEPT icmp -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain f2b-sshd (1 references)
target prot opt source destination
REJECT all -- 134.209.115.206 anywhere reject-with icmp-port-unreachable
REJECT all -- pool-68-9-123-181.telecel.com.py anywhere reject-with icmp-port-unreachable
REJECT all -- 222.186.180.17 anywhere reject-with icmp-port-unreachable
REJECT all -- 121.162.131.223 anywhere reject-with icmp-port-unreachable
RETURN all -- anywhere anywhere
Chain fail2ban-FTP (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-MAIL (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-SSH (1 references)
target prot opt source destination
REJECT all -- 134.209.115.206 anywhere reject-with icmp-port-unreachable
REJECT all -- pool-68-9-123-181.telecel.com.py anywhere reject-with icmp-port-unreachable
REJECT all -- 222.186.180.17 anywhere reject-with icmp-port-unreachable
REJECT all -- 121.162.131.223 anywhere reject-with icmp-port-unreachable
RETURN all -- anywhere anywhere
Chain fail2ban-VESTA (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-VESTA-ADMIN (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain vesta (0 references)
target prot opt source destination
nmap 174.138.39.157
Starting Nmap 7.40 ( https://nmap.org ) at 2019-10-18 10:12 UTC
Nmap scan report for 174.138.39.157
Host is up (0.000014s latency).
Not shown: 985 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop3
143/tcp open imap
465/tcp open smtps
587/tcp open submission
993/tcp open imaps
995/tcp open pop3s
2525/tcp open ms-v-worlds
3306/tcp open mysql
8080/tcp open http-proxy
8443/tcp open https-alt
Click below to sign up and get $100 of credit to try our products over 60 days!
hi
You don’t give a lot of information, but let’s have a think about these:
Hope this helps you a bit