SSL/443 port showing as closed — Webserver Setup; Apache/Namecheap/DynamicDNS
I am facing a problem with my SSL/443 port. I setup a website which is currently being hosted on Apache, port 80. I do have an SSL certificate and was able to redirect HTTP to HTTPS -- but after a while port 443 stops responding to requests and I have to revert back to using port 80. Somehow 443/HTTPS works for little bit and then stops working.
On the modem (Actiontec C2100T - CenturyLink) - I have both port 80 and 443 open. However when I check online if 443 is open, I get the following: Error: I could not see your service on 97.118.xx.xx. on port (443)
On the webserver (RasberryPi) - I ran an nmap scan:
Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-08 17:50 UTC
Nmap scan report for Unknown.domain (192.168.0.30)
Host is up (0.000051s latency).
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh (protocol 2.0)
80/tcp open http Apache httpd 2.4.25 ((Raspbian))
85/tcp open http Apache httpd 2.4.25 ((Raspbian))
443/tcp open ssl/https Apache/2.4.25 (Raspbian)
So I don't think it's the server -- but I could be wrong. Here is my Apache config as well. I've commented out VirtualHost 443 for now until I can figure out why the port becomes inactive after being initially configured.
<VirtualHost *:80>
ServerName blissisit.com
#ServerName localhost
ServerAlias www.blissisit.com
DocumentRoot /var/www/html
#Redirect permanent / https://blissisit.com/
#Redirect permanent / https://192.168.0.30/
</VirtualHost>
#<VirtualHost *:443>
#ServerName blissisit.com
#ServerAlias www.blissisit.com
#DocumentRoot /var/www/html
#SSLCertificateFile /etc/ssl/blissisit_com.crt
#SSLCertificateKeyFile /etc/ssl/private/blissisit.key
#SSLCertificateChainFile /etc/ssl/blissisit_com.ca-bundle
#SSLEngine On
#ErrorLog ${APACHE_LOG_DIR}/error.log
#CustomLog ${APACHE_LOG_DIR}/access.log combined
#</VirtualHost>
Any help is much appreciated! Thank you in advance.
linux networking apache-http-server ssl raspberry-pi
|
show 6 more comments
I am facing a problem with my SSL/443 port. I setup a website which is currently being hosted on Apache, port 80. I do have an SSL certificate and was able to redirect HTTP to HTTPS -- but after a while port 443 stops responding to requests and I have to revert back to using port 80. Somehow 443/HTTPS works for little bit and then stops working.
On the modem (Actiontec C2100T - CenturyLink) - I have both port 80 and 443 open. However when I check online if 443 is open, I get the following: Error: I could not see your service on 97.118.xx.xx. on port (443)
On the webserver (RasberryPi) - I ran an nmap scan:
Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-08 17:50 UTC
Nmap scan report for Unknown.domain (192.168.0.30)
Host is up (0.000051s latency).
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh (protocol 2.0)
80/tcp open http Apache httpd 2.4.25 ((Raspbian))
85/tcp open http Apache httpd 2.4.25 ((Raspbian))
443/tcp open ssl/https Apache/2.4.25 (Raspbian)
So I don't think it's the server -- but I could be wrong. Here is my Apache config as well. I've commented out VirtualHost 443 for now until I can figure out why the port becomes inactive after being initially configured.
<VirtualHost *:80>
ServerName blissisit.com
#ServerName localhost
ServerAlias www.blissisit.com
DocumentRoot /var/www/html
#Redirect permanent / https://blissisit.com/
#Redirect permanent / https://192.168.0.30/
</VirtualHost>
#<VirtualHost *:443>
#ServerName blissisit.com
#ServerAlias www.blissisit.com
#DocumentRoot /var/www/html
#SSLCertificateFile /etc/ssl/blissisit_com.crt
#SSLCertificateKeyFile /etc/ssl/private/blissisit.key
#SSLCertificateChainFile /etc/ssl/blissisit_com.ca-bundle
#SSLEngine On
#ErrorLog ${APACHE_LOG_DIR}/error.log
#CustomLog ${APACHE_LOG_DIR}/access.log combined
#</VirtualHost>
Any help is much appreciated! Thank you in advance.
linux networking apache-http-server ssl raspberry-pi
Was this tested both internally and external?
– Hefewe1zen
Feb 8 at 23:02
Can you define the parameters of how you would test both internally and externally?
– Pseudoremora
Feb 8 at 23:35
You may want to explain your network set up. Do you have a firewall/router in place and is the server behind it?
– Hefewe1zen
Feb 8 at 23:49
Understood. Network wise -- I have a router an Actiontec C2100T from CenturyLink (basically a unit they provided as part of signing up with them). The firewall is disabled on the router. I've port forwarded port 443 and 80. The RasberryPi sits behind the router. There isn't anything special about the network at all. One router and the server plugs into it directly via Ethernet.
– Pseudoremora
Feb 8 at 23:56
So when it fails to connect, have you tried both the local IP and the public IP? Basically I want to eliminate the router as a potential problem. Also have you checked the apache logs?
– Hefewe1zen
Feb 9 at 0:03
|
show 6 more comments
I am facing a problem with my SSL/443 port. I setup a website which is currently being hosted on Apache, port 80. I do have an SSL certificate and was able to redirect HTTP to HTTPS -- but after a while port 443 stops responding to requests and I have to revert back to using port 80. Somehow 443/HTTPS works for little bit and then stops working.
On the modem (Actiontec C2100T - CenturyLink) - I have both port 80 and 443 open. However when I check online if 443 is open, I get the following: Error: I could not see your service on 97.118.xx.xx. on port (443)
On the webserver (RasberryPi) - I ran an nmap scan:
Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-08 17:50 UTC
Nmap scan report for Unknown.domain (192.168.0.30)
Host is up (0.000051s latency).
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh (protocol 2.0)
80/tcp open http Apache httpd 2.4.25 ((Raspbian))
85/tcp open http Apache httpd 2.4.25 ((Raspbian))
443/tcp open ssl/https Apache/2.4.25 (Raspbian)
So I don't think it's the server -- but I could be wrong. Here is my Apache config as well. I've commented out VirtualHost 443 for now until I can figure out why the port becomes inactive after being initially configured.
<VirtualHost *:80>
ServerName blissisit.com
#ServerName localhost
ServerAlias www.blissisit.com
DocumentRoot /var/www/html
#Redirect permanent / https://blissisit.com/
#Redirect permanent / https://192.168.0.30/
</VirtualHost>
#<VirtualHost *:443>
#ServerName blissisit.com
#ServerAlias www.blissisit.com
#DocumentRoot /var/www/html
#SSLCertificateFile /etc/ssl/blissisit_com.crt
#SSLCertificateKeyFile /etc/ssl/private/blissisit.key
#SSLCertificateChainFile /etc/ssl/blissisit_com.ca-bundle
#SSLEngine On
#ErrorLog ${APACHE_LOG_DIR}/error.log
#CustomLog ${APACHE_LOG_DIR}/access.log combined
#</VirtualHost>
Any help is much appreciated! Thank you in advance.
linux networking apache-http-server ssl raspberry-pi
I am facing a problem with my SSL/443 port. I setup a website which is currently being hosted on Apache, port 80. I do have an SSL certificate and was able to redirect HTTP to HTTPS -- but after a while port 443 stops responding to requests and I have to revert back to using port 80. Somehow 443/HTTPS works for little bit and then stops working.
On the modem (Actiontec C2100T - CenturyLink) - I have both port 80 and 443 open. However when I check online if 443 is open, I get the following: Error: I could not see your service on 97.118.xx.xx. on port (443)
On the webserver (RasberryPi) - I ran an nmap scan:
Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-08 17:50 UTC
Nmap scan report for Unknown.domain (192.168.0.30)
Host is up (0.000051s latency).
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh (protocol 2.0)
80/tcp open http Apache httpd 2.4.25 ((Raspbian))
85/tcp open http Apache httpd 2.4.25 ((Raspbian))
443/tcp open ssl/https Apache/2.4.25 (Raspbian)
So I don't think it's the server -- but I could be wrong. Here is my Apache config as well. I've commented out VirtualHost 443 for now until I can figure out why the port becomes inactive after being initially configured.
<VirtualHost *:80>
ServerName blissisit.com
#ServerName localhost
ServerAlias www.blissisit.com
DocumentRoot /var/www/html
#Redirect permanent / https://blissisit.com/
#Redirect permanent / https://192.168.0.30/
</VirtualHost>
#<VirtualHost *:443>
#ServerName blissisit.com
#ServerAlias www.blissisit.com
#DocumentRoot /var/www/html
#SSLCertificateFile /etc/ssl/blissisit_com.crt
#SSLCertificateKeyFile /etc/ssl/private/blissisit.key
#SSLCertificateChainFile /etc/ssl/blissisit_com.ca-bundle
#SSLEngine On
#ErrorLog ${APACHE_LOG_DIR}/error.log
#CustomLog ${APACHE_LOG_DIR}/access.log combined
#</VirtualHost>
Any help is much appreciated! Thank you in advance.
linux networking apache-http-server ssl raspberry-pi
linux networking apache-http-server ssl raspberry-pi
asked Feb 8 at 21:59
PseudoremoraPseudoremora
11
11
Was this tested both internally and external?
– Hefewe1zen
Feb 8 at 23:02
Can you define the parameters of how you would test both internally and externally?
– Pseudoremora
Feb 8 at 23:35
You may want to explain your network set up. Do you have a firewall/router in place and is the server behind it?
– Hefewe1zen
Feb 8 at 23:49
Understood. Network wise -- I have a router an Actiontec C2100T from CenturyLink (basically a unit they provided as part of signing up with them). The firewall is disabled on the router. I've port forwarded port 443 and 80. The RasberryPi sits behind the router. There isn't anything special about the network at all. One router and the server plugs into it directly via Ethernet.
– Pseudoremora
Feb 8 at 23:56
So when it fails to connect, have you tried both the local IP and the public IP? Basically I want to eliminate the router as a potential problem. Also have you checked the apache logs?
– Hefewe1zen
Feb 9 at 0:03
|
show 6 more comments
Was this tested both internally and external?
– Hefewe1zen
Feb 8 at 23:02
Can you define the parameters of how you would test both internally and externally?
– Pseudoremora
Feb 8 at 23:35
You may want to explain your network set up. Do you have a firewall/router in place and is the server behind it?
– Hefewe1zen
Feb 8 at 23:49
Understood. Network wise -- I have a router an Actiontec C2100T from CenturyLink (basically a unit they provided as part of signing up with them). The firewall is disabled on the router. I've port forwarded port 443 and 80. The RasberryPi sits behind the router. There isn't anything special about the network at all. One router and the server plugs into it directly via Ethernet.
– Pseudoremora
Feb 8 at 23:56
So when it fails to connect, have you tried both the local IP and the public IP? Basically I want to eliminate the router as a potential problem. Also have you checked the apache logs?
– Hefewe1zen
Feb 9 at 0:03
Was this tested both internally and external?
– Hefewe1zen
Feb 8 at 23:02
Was this tested both internally and external?
– Hefewe1zen
Feb 8 at 23:02
Can you define the parameters of how you would test both internally and externally?
– Pseudoremora
Feb 8 at 23:35
Can you define the parameters of how you would test both internally and externally?
– Pseudoremora
Feb 8 at 23:35
You may want to explain your network set up. Do you have a firewall/router in place and is the server behind it?
– Hefewe1zen
Feb 8 at 23:49
You may want to explain your network set up. Do you have a firewall/router in place and is the server behind it?
– Hefewe1zen
Feb 8 at 23:49
Understood. Network wise -- I have a router an Actiontec C2100T from CenturyLink (basically a unit they provided as part of signing up with them). The firewall is disabled on the router. I've port forwarded port 443 and 80. The RasberryPi sits behind the router. There isn't anything special about the network at all. One router and the server plugs into it directly via Ethernet.
– Pseudoremora
Feb 8 at 23:56
Understood. Network wise -- I have a router an Actiontec C2100T from CenturyLink (basically a unit they provided as part of signing up with them). The firewall is disabled on the router. I've port forwarded port 443 and 80. The RasberryPi sits behind the router. There isn't anything special about the network at all. One router and the server plugs into it directly via Ethernet.
– Pseudoremora
Feb 8 at 23:56
So when it fails to connect, have you tried both the local IP and the public IP? Basically I want to eliminate the router as a potential problem. Also have you checked the apache logs?
– Hefewe1zen
Feb 9 at 0:03
So when it fails to connect, have you tried both the local IP and the public IP? Basically I want to eliminate the router as a potential problem. Also have you checked the apache logs?
– Hefewe1zen
Feb 9 at 0:03
|
show 6 more comments
1 Answer
1
active
oldest
votes
Understanding the network topology goes a long way with nailing down these problems.
Is this server exposed to the internet (e.g. in the DMZ) or is in on a private network with ports forwarded? If the latter, when the server fails to respond, is it failing both externally and internally (e.g. with the servers local private IP)?
Confirm by testing both scenarios. Furthermore you can check the local loopback from the server.
Server logs can help as well. For apache these will be access.log and error.log. Location may vary by distro but generally located in var/log/apache/ or /var/log/apache2/ or /var/log/httpd/
Finally, you can try removing and re-adding the forwards, and possibly rebooting the modem/firewall. Also note that some ISPs do some trickery with their provided equipment as they may wish to deter non-business accounts from running servers.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1403692%2fssl-443-port-showing-as-closed-webserver-setup-apache-namecheap-dynamicdns%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Understanding the network topology goes a long way with nailing down these problems.
Is this server exposed to the internet (e.g. in the DMZ) or is in on a private network with ports forwarded? If the latter, when the server fails to respond, is it failing both externally and internally (e.g. with the servers local private IP)?
Confirm by testing both scenarios. Furthermore you can check the local loopback from the server.
Server logs can help as well. For apache these will be access.log and error.log. Location may vary by distro but generally located in var/log/apache/ or /var/log/apache2/ or /var/log/httpd/
Finally, you can try removing and re-adding the forwards, and possibly rebooting the modem/firewall. Also note that some ISPs do some trickery with their provided equipment as they may wish to deter non-business accounts from running servers.
add a comment |
Understanding the network topology goes a long way with nailing down these problems.
Is this server exposed to the internet (e.g. in the DMZ) or is in on a private network with ports forwarded? If the latter, when the server fails to respond, is it failing both externally and internally (e.g. with the servers local private IP)?
Confirm by testing both scenarios. Furthermore you can check the local loopback from the server.
Server logs can help as well. For apache these will be access.log and error.log. Location may vary by distro but generally located in var/log/apache/ or /var/log/apache2/ or /var/log/httpd/
Finally, you can try removing and re-adding the forwards, and possibly rebooting the modem/firewall. Also note that some ISPs do some trickery with their provided equipment as they may wish to deter non-business accounts from running servers.
add a comment |
Understanding the network topology goes a long way with nailing down these problems.
Is this server exposed to the internet (e.g. in the DMZ) or is in on a private network with ports forwarded? If the latter, when the server fails to respond, is it failing both externally and internally (e.g. with the servers local private IP)?
Confirm by testing both scenarios. Furthermore you can check the local loopback from the server.
Server logs can help as well. For apache these will be access.log and error.log. Location may vary by distro but generally located in var/log/apache/ or /var/log/apache2/ or /var/log/httpd/
Finally, you can try removing and re-adding the forwards, and possibly rebooting the modem/firewall. Also note that some ISPs do some trickery with their provided equipment as they may wish to deter non-business accounts from running servers.
Understanding the network topology goes a long way with nailing down these problems.
Is this server exposed to the internet (e.g. in the DMZ) or is in on a private network with ports forwarded? If the latter, when the server fails to respond, is it failing both externally and internally (e.g. with the servers local private IP)?
Confirm by testing both scenarios. Furthermore you can check the local loopback from the server.
Server logs can help as well. For apache these will be access.log and error.log. Location may vary by distro but generally located in var/log/apache/ or /var/log/apache2/ or /var/log/httpd/
Finally, you can try removing and re-adding the forwards, and possibly rebooting the modem/firewall. Also note that some ISPs do some trickery with their provided equipment as they may wish to deter non-business accounts from running servers.
answered Feb 18 at 16:52
Hefewe1zenHefewe1zen
1,232912
1,232912
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1403692%2fssl-443-port-showing-as-closed-webserver-setup-apache-namecheap-dynamicdns%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Was this tested both internally and external?
– Hefewe1zen
Feb 8 at 23:02
Can you define the parameters of how you would test both internally and externally?
– Pseudoremora
Feb 8 at 23:35
You may want to explain your network set up. Do you have a firewall/router in place and is the server behind it?
– Hefewe1zen
Feb 8 at 23:49
Understood. Network wise -- I have a router an Actiontec C2100T from CenturyLink (basically a unit they provided as part of signing up with them). The firewall is disabled on the router. I've port forwarded port 443 and 80. The RasberryPi sits behind the router. There isn't anything special about the network at all. One router and the server plugs into it directly via Ethernet.
– Pseudoremora
Feb 8 at 23:56
So when it fails to connect, have you tried both the local IP and the public IP? Basically I want to eliminate the router as a potential problem. Also have you checked the apache logs?
– Hefewe1zen
Feb 9 at 0:03