Also, ‘sudo iptables -S’ returns this:

-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N fail2ban-nginx-http-auth
-N fail2ban-ssh
-N udp-flood
-A INPUT -p tcp -m multiport --dports 80,443 -j fail2ban-nginx-http-auth
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -j DROP
-A OUTPUT -p udp -j udp-flood
-A fail2ban-nginx-http-auth -j RETURN
-A fail2ban-ssh -j RETURN
-A udp-flood -p udp -m limit --limit 50/sec -j RETURN
-A udp-flood -j LOG --log-prefix "UDP-flood attempt: "
-A udp-flood -j DROP

Running nmap on your IP only show ports 80 and 22 to be open. HTTPS traffic is on port 443. I’d explicitly open port 443 with:

sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT

Hey Andrew,

Thanks for your help. Ran that command, as well as:

fuser -k 80/tcp 
fuser -k 443/tcp
service nginx start

but still no dice.

You need to remove the “DROP everything” rule and use the default policy setting instead:

sudo iptables -D INPUT -j DROP
sudo iptables -P INPUT DROP