No matter what I do, I cannot get an open port to be accessible to the outside world.
From searches, I have seen people mention the issue is the way the containers are created, which blocks the ports. So they look open internally, but are not accessible outside.
Support are telling me it should work. So I don’t think they are aware of the issue. Clearly there is an issue based on the amount of questions about it. However, there are no answers (at least not for my scope - having an open port that can receive POST requests from external source).
If there is a solution here, I would love to know it. I do think it might be helpful to others as well.
Thank you!
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hey Mike! 👋
As you mentioned it sounds like your service might not be bound to the correct network interface, which could explain why you can’t access it externally.
Run this command on your Droplet to see which address your service is bound to:
sudo netstat -tuln | grep <port>
If the result shows 127.0.0.1:<port>, it means your service is only accessible locally (localhost). This is why external requests are failing—it’s not bound to 0.0.0.0, which allows external connections.
Feel free to share the output here!
There are a few ways to fix fix this:
Option 1: Recreate the Container to Bind to 0.0.0.0
To make your service accessible externally, update your app or container configuration to bind to 0.0.0.0. For example:
-
If you’re using Node.js, modify your code:
app.listen(port, '0.0.0.0', () => { console.log(`Server running on port ${port}`); }); -
For Docker, your
docker runordocker-compose.ymlexposes the ports correctly:ports: - "3000:3000"
Once this change is made, your service will be accessible externally.
Option 2: Use Nginx as a Reverse Proxy
If you want to keep your service bound to 127.0.0.1 for security reasons, you can use Nginx as a reverse proxy to handle external traffic. Nginx will listen on 0.0.0.0 and forward the requests to your service on 127.0.0.1.
Example Nginx configuration:
server {
listen 80;
server_name yourdomain.com;
location / {
proxy_pass http://127.0.0.1:<port>;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
After setting up Nginx, restart the service:
sudo systemctl restart nginx
This approach keeps your service local but makes it accessible externally through Nginx:
Let me know how it goes!
- Bobby
Heya, @mikeanemone
Sometimes, network misconfigurations or cloud firewall settings can cause traffic routing issues. You can verify your service is accessible via the correct public IP. Run:
curl http://<your-public-ip>:<port>
If this fails locally on the droplet, verify the public network interface configuration:
ip a
You can ensure there’s no misconfiguration in DNS settings that routes requests incorrectly. Also ensure that your cloud firewall rules align with the droplet’s configuration:
- Allow both inbound and outbound traffic on the desired port.
- Ensure the droplet has no conflicting firewalls (e.g., UFW and DigitalOcean cloud firewalls).
Hope that this helps!
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.