DO Port Access Issue - Anyone Know How to FIx?

Question

No matter what I do, I cannot get an open port to be accessible to the outside world.

From searches, I have seen people mention the issue is the way the containers are created, which blocks the ports. So they look open internally, but are not accessible outside.

Support are telling me it should work. So I don’t think they are aware of the issue. Clearly there is an issue based on the amount of questions about it. However, there are no answers (at least not for my scope - having an open port that can receive POST requests from external source).

If there is a solution here, I would love to know it. I do think it might be helpful to others as well.

Thank you!

Bobby Iliev · Answer

Hey Mike! 👋

As you mentioned it sounds like your service might not be bound to the correct network interface, which could explain why you can’t access it externally.

Run this command on your Droplet to see which address your service is bound to:

sudo netstat -tuln | grep <port>

If the result shows 127.0.0.1:<port>, it means your service is only accessible locally (localhost). This is why external requests are failing—it’s not bound to 0.0.0.0, which allows external connections.

Feel free to share the output here!

There are a few ways to fix fix this:

Option 1: Recreate the Container to Bind to `0.0.0.0`

To make your service accessible externally, update your app or container configuration to bind to 0.0.0.0. For example:

If you’re using Node.js, modify your code:

app.listen(port, '0.0.0.0', () => {
  console.log(`Server running on port ${port}`);
});

For Docker, your docker run or docker-compose.yml exposes the ports correctly:
```
ports:
  - "3000:3000"
```

Once this change is made, your service will be accessible externally.

Option 2: Use Nginx as a Reverse Proxy

If you want to keep your service bound to 127.0.0.1 for security reasons, you can use Nginx as a reverse proxy to handle external traffic. Nginx will listen on 0.0.0.0 and forward the requests to your service on 127.0.0.1.

Example Nginx configuration:

server {
    listen 80;
    server_name yourdomain.com;

    location / {
        proxy_pass http://127.0.0.1:<port>;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

After setting up Nginx, restart the service:

sudo systemctl restart nginx

This approach keeps your service local but makes it accessible externally through Nginx:

https://www.digitalocean.com/community/tutorials/how-to-configure-nginx-as-a-reverse-proxy-on-ubuntu-22-04

Let me know how it goes!

- Bobby

alexdo · Answer

Heya, @mikeanemone

Sometimes, network misconfigurations or cloud firewall settings can cause traffic routing issues. You can verify your service is accessible via the correct public IP. Run:

curl http://<your-public-ip>:<port>

If this fails locally on the droplet, verify the public network interface configuration:

ip a

You can ensure there’s no misconfiguration in DNS settings that routes requests incorrectly. Also ensure that your cloud firewall rules align with the droplet’s configuration:

Allow both inbound and outbound traffic on the desired port.
Ensure the droplet has no conflicting firewalls (e.g., UFW and DigitalOcean cloud firewalls).

Hope that this helps!