Question

443 port closed with vestacp, why?

I have VestaCP and Debian 9 just installed. I have installed ufw and opened port 443. In VestaCP> Firewall I have verified that it is open I have added port 443 to iptables

sudo iptables -A INPUT -p tcp --dport 443 --jump ACCEPT 

Check with nmap or telnet and it’s always closed … why? What’s going on? Can somebody help me?

Thanks!

Subscribe
Share

You don’t give a lot of information, but let’s have a think about these:

  • Do you have any other firewall, like the DO one?
  • Did you allow outgoing as well?
  • Have you got any logs? Logs are best information
  • Can you ping other ports from outside?
  • is the HTTPS service actually running?

Hope this helps you a bit


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hi, were you able to fix the port 443 problem for vestacp? I am installing the centos and something similar happens to me; I can’t even load the vesta login page.

Sorry, but I use Linux on desktop and I’m testing on server. I have only instilled the debian 9 dropplet and installed vesta. Then install uwf and added to iptables. Only that.

The vestacp firewall (web version) shows port 443 open.

To allow outgoing connections … how is it done? with uwf?

I can ping all ports except 443. The ip is this: 174.138.39.157

I think the main problem is that at some point that port is closed. I don’t know if it’s the operating system, apache, vestacp … I don’t know :(

Forgive me my ignorance. And my English too, I am Spanish.

Thank you very much!

telnet localhost 443

Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused

**iptables -L **

Chain INPUT (policy DROP)
target     prot opt source               destination
f2b-sshd   tcp  --  anywhere             anywhere             multiport dports ssh
fail2ban-SSH  tcp  --  anywhere             anywhere             tcp dpt:ssh
fail2ban-VESTA  tcp  --  anywhere             anywhere             tcp dpt:5600
fail2ban-MAIL  tcp  --  anywhere             anywhere             multiport dports smtp,urd,submission,2525,pop3,pop3s,imap2,imaps
fail2ban-FTP  tcp  --  anywhere             anywhere             tcp dpt:ftp
fail2ban-VESTA-ADMIN  tcp  --  anywhere             anywhere             tcp dpt:5600
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  10.10.0.5            anywhere
ACCEPT     all  --  174.138.39.157       anywhere
ACCEPT     all  --  localhost            anywhere
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:5600
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere             multiport dports ftp,12000:12100
ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere             multiport dports smtp,urd,submission,2525
ACCEPT     tcp  --  anywhere             anywhere             multiport dports pop3,pop3s
ACCEPT     tcp  --  anywhere             anywhere             multiport dports imap2,imaps
ACCEPT     tcp  --  anywhere             anywhere             multiport dports mysql,postgresql
DROP       tcp  --  anywhere             anywhere             tcp dpt:8083
ACCEPT     icmp --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain f2b-sshd (1 references)
target     prot opt source               destination
REJECT     all  --  134.209.115.206      anywhere             reject-with icmp-port-unreachable
REJECT     all  --  pool-68-9-123-181.telecel.com.py  anywhere             reject-with icmp-port-unreachable
REJECT     all  --  222.186.180.17       anywhere             reject-with icmp-port-unreachable
REJECT     all  --  121.162.131.223      anywhere             reject-with icmp-port-unreachable
RETURN     all  --  anywhere             anywhere

Chain fail2ban-FTP (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-MAIL (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-SSH (1 references)
target     prot opt source               destination
REJECT     all  --  134.209.115.206      anywhere             reject-with icmp-port-unreachable
REJECT     all  --  pool-68-9-123-181.telecel.com.py  anywhere             reject-with icmp-port-unreachable
REJECT     all  --  222.186.180.17       anywhere             reject-with icmp-port-unreachable
REJECT     all  --  121.162.131.223      anywhere             reject-with icmp-port-unreachable
RETURN     all  --  anywhere             anywhere

Chain fail2ban-VESTA (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-VESTA-ADMIN (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain vesta (0 references)
target     prot opt source               destination

nmap 174.138.39.157

Starting Nmap 7.40 ( https://nmap.org ) at 2019-10-18 10:12 UTC
Nmap scan report for 174.138.39.157
Host is up (0.000014s latency).
Not shown: 985 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
25/tcp   open  smtp
53/tcp   open  domain
80/tcp   open  http
110/tcp  open  pop3
143/tcp  open  imap
465/tcp  open  smtps
587/tcp  open  submission
993/tcp  open  imaps
995/tcp  open  pop3s
2525/tcp open  ms-v-worlds
3306/tcp open  mysql
8080/tcp open  http-proxy
8443/tcp open  https-alt