Question

Ports 80/http and 443/https are filtered on your Droplet?

Posted July 14, 2020 605 views
DigitalOceanFirewall

Hi all

So I can’t access any sites on my droplet since the 30th of June and I just received an email from DO support saying:

“Testing shows that ports 80/http and 443/https are filtered on your Droplet.

A filtered result means nmap cannot determine the status of the port. Packets sent to the port are dropped without acknowledgement, so nmap cannot report the port’s status. This could also be due to firewall rules within the Droplet”

I haven’t got a clue how to fix the issue so any help/guidance would be great appreciated.

This droplet has been working without issue for a couple of years, what would cause this to happen all of a sudden?

TIA Cheers
Neil

3 comments
  • Hey, @nb060420 Can you run the following command inside your droplet and share the result?

    sudo ufw status verbose
    

    This should list out the ports/services that are allowed through the firewall.

  • Hey linkwithjoydeep

    Thanks for your reponse, this is the result:

    root@web01:~# sudo ufw status verbose
    Status: active
    Logging: on (low)
    Default: deny (incoming), allow (outgoing), disabled (routed)
    New profiles: skip

    To Action From


    22 ALLOW IN Anywhere
    22 (v6) ALLOW IN Anywhere (v6)

    Should ports 80 and 443 be listed here somehow?

    Cheers
    Neil

  • Also, may I know what type of server you are running? There might be a misconfiguration.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hey @nb060420 , You can visit UFW Essentials: Common Firewall Rules and Commands tutorial to allow HTTP/80 and HTTPS/443 ports through the firewall.

by Mitchell Anicas
UFW is a firewall configuration tool for iptables that is included with Ubuntu by default. This cheat sheet-style guide provides a quick reference to UFW commands that will create iptables firewall rules are useful in common, everyday scenarios. This includes UFW examples of allowing and blocking various services by port, network interface, and source IP address.
  • Hey linkwithjoydeep

    Thanks for sending the link to this doc, I tried a couple of these command lines a few days ago but they didn’t seem to work, of course it’s more than possible I didn’t do it correctly.

    Is there some way you have to save the changes to the UFW rules after adding them?

    Cheers
    Neil

    • Ok, to allow all incoming HTTP and HTTPS (port 443) tcp connections run this command:

      sudo ufw allow proto tcp from any to any port 80,443
      

      and then run the following again to make sure you see ports 80 and 443 listed along with port 22.

      sudo ufw status verbose
      
      • Ok so I have run that command and then run the status command again which shows the following result:

        root@web01:~# sudo ufw status verbose
        Status: active
        Logging: on (low)
        Default: deny (incoming), allow (outgoing), disabled (routed)
        New profiles: skip

        To Action From


        22 ALLOW IN Anywhere
        80,443/tcp ALLOW IN Anywhere
        22 (v6) ALLOW IN Anywhere (v6)
        80,443/tcp (v6) ALLOW IN Anywhere (v6)

        But I still can’t access my sites sadly

        Cheers
        Neil

Submit an Answer