After Fail2ban/firewalls integration cant access https

Question

After integrating fail2ban, and some basic firewalls, we can no longer access our site(s) through https.

Ubuntu 14, nginx, wp/magento on same server. 2 SSL certs.

Error logs print out:

Access forbidden by rule, client: 107.170.204.55, server: shop.stickybumps.com, request: "POST /app/etc/local.xml HTTP/1.1", host: "shop.stickybumps.com"

‘sudo netstat -plutn | grep :443’ prints out:

tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      4774/nginx

Any help would be greatly appreciated!

-Constantine

Kamal Nasser · Answer

You need to remove the “DROP everything” rule and use the default policy setting instead: sudo iptables -D INPUT -j DROP sudo iptables -P INPUT DROP

hello646431 · Answer

Hey Andrew, Thanks for your help. Ran that command, as well as: fuser -k 80/tcp fuser -k 443/tcp service nginx start but still no dice.

Andrew SB · Answer

Running nmap on your IP only show ports 80 and 22 to be open. HTTPS traffic is on port 443. I’d explicitly open port 443 with: sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT

hello646431 · Answer

Also, ‘sudo iptables -S’ returns this: -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -N fail2ban-nginx-http-auth -N fail2ban-ssh -N udp-flood -A INPUT -p tcp -m multiport --dports 80,443 -j fail2ban-nginx-http-auth -A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh -A INPUT -i lo -j ACCEPT -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -j DROP -A OUTPUT -p udp -j udp-flood -A fail2ban-nginx-http-auth -j RETURN -A fail2ban-ssh -j RETURN -A udp-flood -p udp -m limit --limit 50/sec -j RETURN -A udp-flood -j LOG --log-prefix "UDP-flood attempt: " -A udp-flood -j DROP

Question

After Fail2ban/firewalls integration cant access https