i was having some unrelated to the website server problems, so i stopped iptables.
ever since then, apache wont serve pages. i only get the error This site can’t be reached. my.site.org took too long to respond.
i tried reinstalling apache, disabling php, changing the owner/group of the www file, and a dozen other things.
there is no server side error, and it appears apache is running, how can i get apache to serve pages again without restarting iptables as that breaks the rest of the server?EDIT:
wouldnt let me copy the first two commands but it would the third:
root@mineos ~# lsof -i (LISTEN) apache2 649 root 4u IPv6 11604 0t0 TCP *:http (LISTEN) apache2 9079 www-data 4u IPv6 11604 0t0 TCP *:http (LISTEN) apache2 9080 www-data 4u IPv6 11604 0t0 TCP *:http (LISTEN) apache2 9081 www-data 4u IPv6 11604 0t0 TCP *:http (LISTEN) apache2 9082 www-data 4u IPv6 11604 0t0 TCP *:http (LISTEN) apache2 9083 www-data 4u IPv6 11604 0t0 TCP *:http (LISTEN)i tried all these ports and got connection refused on all.
Answer
Can you show us the iptables rules you had when apache was working?
$ iptables -L -n
and
$ iptables -t nat -L -n
Also check what address and port apache is listening on.
It’s a wild guess, but there might be an iptables rule set up that forwards external requests to port 80 on your server to the port where apache is really listening.
Stopping iptables disables that rule and so your requests don’t get answered.
Edit:
Apache is indeed listening on port 80, but…
I can see from your iptables rules that your INPUT chain’s default policy is DROP.
If you are “stopping” iptables by simply flushing all the chains, that would leave you with a machine that accepts nothing.
Once the firewall is stopped, try this:
$ iptables -P INPUT ACCEPT
This will truly remove any filtering.
Attribution
Source : Link , Question Author : kaioker2 , Answer Author : Phil Taprogge
