Question

Ubuntu 20.04 Droplet "Port 80 in use" SSL Error?

Hi, I’m following a Video on YouTube…

https://www.youtube.com/watch?v=S6S5JF6Gou0

I have an Ubuntu 20.04 Droplet. With a Floating IP. Is connected to Digital Ocean Nameservers. No problem. SSH connects on Termius. The Domain was purchased from Namecheap. 1 year free with my GitHub Student Pack. I also have an SSL from Namecheap. Free for a year. The SSL is installed on my Droplet. It works. My Domain connects. On a web browser. It converts http to https. And it shows an Apache page. I’m using Apache. On my Droplet.

I installed GoPhish. Like the video. GoPhish on my Droplet. When I try to run gophish, I get an error. The error is below…

"Starting admin server at https://0.0.0.0:1724"
time="2021-05-23T02:59:54Z" level=info msg="Background Worker Started Successfully - Waiting for Campaigns"
time="2021-05-23T02:59:54Z" level=info msg="Starting IMAP monitor manager"
time="2021-05-23T02:59:54Z" level=info msg="Starting new IMAP monitor for user admin"
time="2021-05-23T02:59:54Z" level=info msg="Starting phishing server at https://0.0.0.0:80"
time="2021-05-23T02:59:54Z" level=fatal msg="listen tcp 0.0.0.0:80: bind: address already in use"

That’s with Apache running. I shut down apache2. And got this (port 80 is fine…)

"Starting admin server at https://0.0.0.0:1724"
time="2021-05-23T03:02:04Z" level=info msg="Background Worker Started Successfully - Waiting for Campaigns"
time="2021-05-23T03:02:04Z" level=info msg="Starting IMAP monitor manager"
time="2021-05-23T03:02:04Z" level=info msg="Starting new IMAP monitor for user admin"
time="2021-05-23T03:02:04Z" level=info msg="Starting phishing server at https://0.0.0.0:80"

Then I entered my Droplets IP. (Floating or not.) And port 1724. Like the Video. From my config.json. It times out and doesn’t connect. In the Browser. No Landing Page.

Also, this is my second Digital Ocean Droplet. The first destroyed 6 months ago. I had gophish installed correctly. Connected to IP and Port. The only difference is, I didn’t have an SSL. Never installed. So, I’m guessing the SSL is the problem???

Here’s my config.json file…

{
        "admin_server": {
                "listen_url": "0.0.0.0:1724",
                "use_tls": true,
                "cert_path": "gophish_admin.crt",
                "key_path": "gophish_admin.key"
        },
        "phish_server": {
                "listen_url": "0.0.0.0:80",
                "use_tls": true,
                "cert_path": "redteamserver.me.crt",
                "key_path": "redteamserver.me.key"
        },
        "db_name": "sqlite3",
        "db_path": "gophish.db",
        "migrations_prefix": "db/db_",
        "contact_address": "",
        "logging": {
                "filename": "",
                "level": ""
        }
}

Actual .crt and .key. From Namecheap. Download.

So, how do I run GoPhish? With Port 80/443? Can I use any random Port? In config.json? Or how do I run both? Apache and Gophish? At the same time? Domain and Remote IP? Digital Ocean IP. Both.

AND is my SSL the problem? Please take a look and reply. With instructions. Thanks


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Hi there @michaelheld4,

As the GoPhish server also listens on port 80 as well as Apache this is why you got the error initially. You can not have more than service listening one port, this is why after stopping Apache, you were able to start the GoPhish service.

What I would suggest is disabling Apache so that the next time you restart the Droplet, the Apache service would not start and cause problems due to the conflicting port:

systemctl disable apache2

Regarding the SSL problem, at the moment in your GoPhish configuration, you have only port 80 specified, this is the HTTP port. In order to use HTTPS, you also need to define port 443 in there.

You should be able to do this with the following:

...
        "phish_server" : {
                "listen_url" : "0.0.0.0:443",
                "use_tls" : true,
                "cert_path" : "[DOMAIN].crt",
                "key_path": "[DOMAIN].key"
        },
...

Let me know how it goes.

Regards, Bobby