Port 80 not accessible outside of the VPC network, 443 works

I have an old droplet, which is not part of any VPC networks (those were’t a thing 9 years ago when the droplet was created), and I can successfully access port 80 on it. The iptables rules are there in place, nginx is up&running, so far so good.

However, I wanted to make it part of a VPC network, and since only new droplets can be added to a VPC network, I cloned the old one.

So far so good, however once I booted the cloned droplet, and started running some tests, I noticed I was not able to access port 80 outside of the VPC network. The iptables rules, are the same, nginx is running as expected, basically there configuration is the same as on the old server.

Port 80 is accessible from other droplets in the same VPC network, and port 443 is accessible from anywhere, so it seems that some networking layer above my droplets are rejecting the traffic coming from the outside world.

I don’t have any firewall defined on the DigitalOcean portal, I only have the ones that come with the Ubuntu server.

What could be the problem?

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Accepted Answer

This was caused by a networking issue on my side, somehow the tcp packets sent to port 80 were dropped by one of the routers, leading to not be able to use that port. The problem got fixed by itself, no DigitalOcean droplet configuration changes was needed.

Bobby Iliev
Site Moderator
Site Moderator badge
January 24, 2022

Hi there,

With all that has been mentioned, the only thing that comes to my mind is that your Apache services is only binding on your_pivate_ip:80 rather than

You can check that with the following command:

netstat -plant | grep 80

If this is the case, in your Apache virtual host you would need to change the bind-address from your private IP to *:80.

Let me know how it goes. Best, Bobby

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel