I have a periodical problem in a server with Plesk, the Port 80 is not listened but 7080 is listened so the websites do not respond on the Port 80.
#netstat -tlpn | grep :80
#netstat -tlpn | grep :7080
tcp 0 0 :::7080 :::* LISTEN 3009/httpd
# plesk sbin nginxmng -s
Enabled
I resolve this problem executing the following commands but after few minutes the problem returns periodically:
pkill -9 nginx
# service nginx start
Starting nginx: [ OK ]
# /usr/local/psa/admin/bin/nginxmng -d
# /usr/local/psa/admin/bin/nginxmng -e
# service nginx restart
Starting nginx: [ OK ]
Source: https://support.plesk.com/hc/en-us/articles/213926725-Websites-do-not-respond-on-80-port-but-respond-properly-on-7080-port
How can i finally fix this error? I am thinking to add a crontab running the commands that i have used to solve the error but i think that it is not a good idea.
my webserver runs ~ok, I can see that at least locally apache2 is responding to localhost and http://192.168.0.1 but if I try from another machine in the same subnet I can't see it. Of course I can ping/ssh the webserver and firewall is disabled. From the server if I try:
netstat -an | grep :80
I get:
tcp 0 0 192.168.0.1:80 0.0.0.0:* LISTEN
and my /etc/hosts just contains:
127.0.0.1 localhost
and I have a standard apache2.conf file. What can be wrong?
I am trying to setup the flume agent to collect the log events from Rsyslog, but I dont have root permission/sudoer to figure out which port syslog is running on/ and where it is running on TCP or UDP so I can configure flume agent accordingly.
Is there any way to know exactly what is the port that Rsyslog deamon running on?
Below are command that I have used to identify Rsyslog Deamon process
ldnpsr000001131$ ps -ef | grep syslog
root 4874 1 0 Feb04 ? 00:00:14 /sbin/rsyslogd -i /var/run/syslogd.pid -c 4
You may try netstat -natupel |grep syslog and you'll get all connections : active and listening
Is there any command which checks that a certain process is listening to a port.
I have tried check_tcp but it does not output which process is listening to a port
Its output was:
TCP OK - 0.000 second response time on port 8443|time=0.000421s;;;0.000000;10.000000
I didn't see anything on the Nagios Plugins Exchange to meet your needs, so I wrote one to be used with NRPE.
https://github.com/jlyoung/nagios_check_listening_port_linux
Output looks like this:
[root#joeyoung.io ~]# python /usr/lib/nagios/plugins/nagios_check_listening_port_linux.py -n nginx -p 80
OK. nginx found listening on port 80 for the following address(es): [0.0.0.0] | 'listening_on_expected_port'=1;;;;
[root#joeyoung.io ~]# python /usr/lib/nagios/plugins/nagios_check_listening_port_linux.py -n nginx -p 9999
CRITICAL - No process named nginx could be found listening on port 9999 | 'listening_on_expected_port'=0;;;;
I've configured my server with a default security group, which has the following Inbound rules:
| Type | Protocol | Port Range | Source |
| All TCP | TCP | 0-65535 | 0.0.0.0/0 |
| All UDP | UDP | 0-65535 | 0.0.0.0/0|
With these rules, netstat shows the following output:
netstat -atn
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:1113 0.0.0.0:* LISTEN
tcp 0 0 10.0.1.31:2113 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:2113 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:11300 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:11211 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:6379 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 :::5432 :::* LISTEN
tcp6 0 0 :::3306 :::* LISTEN
tcp6 0 0 :::6379 :::* LISTEN
So, in theory, I should be able to connect to port 1113 with TCP from any IP Address. But this is not working, the IP address is showing as filtered, as you can see in the following output:
The only ports that seem to be OK (open and not filtered) are 22 & 80. Here's the output I get when testing them with nmap:
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
1113/tcp filtered ltp-deepspace
2113/tcp filtered unknown
3306/tcp filtered mysql
6379/tcp filtered unknown
I even tried adding a custom inbound rule just for my IP and Port 1113, but the result is the same.
I suspect that some firewall is blocking traffic on those PORTS in my instance, but I'm not sure how to check that.
One thing to notice, is that this instance is in a Amazon VPC. However, the network ACL for this instance has the following inbound rule, that should allow income communications from all ports:
|Rule # | Type | Protocol | Port Range | Source | Allow / Deny |
| 100 | ALL Traffic | ALL | ALL | 0.0.0.0/0 |ALLOW |
Any ideas on what could be the issue here?
Thanks a lot for your help!
[I know this is an old post, but I was bitten by the very same thing just today and came across this very question. Expanded to add steps for Windows AMI]
Summary
When you fire up a new EC2 instance from a new AMI there seem to be conditions where the local firewall is set to filter everything except SSH.
Now that might be the default on the newer AMIs, or something at work such as fail2ban or such like. If you are using a Windows AMI, this could be the Windows firewall.
The symptoms are as you describe - you have a public-facing IP address (either directly attached or via Elastic IP), you have permissive Security Groups, and all is otherwise well. An nmap from another working server (NB be careful, AWS don't like people running nmap from EC2 instances even onto your own servers) will show port 22 open but everything else filtered.
Linux
TLDR; The quick fix is probably easy in order to flush the rules:
iptables -F
Ideally, run this first to list what the offending rule is:
iptables -L
But you should have a good look at why it was being set up that way. It's possible something like firewalld is running which is going to monkey with the rules and you have the choice of configuring or disabling it. These will tell you if it's running:
firewall-cmd --status
firewall-cmd --get-services
There are other firewall services, of course.
Once you think you have it right make sure you reboot the server to ensure everything comes up right rather than reverting to a catatonic state (services speaking).
Windows
If you are using a Windows AMI, you will need to adjust the firewalls.
Go to Control Panel > System and Security > Windows Defender Firewall
From here, you could turn it off and rely solely on your AWS security (not recommended) or selectively enable certain apps / ports.
For those who are seeking for an answer. It is because there is an additional firewall in your Linux system. For example, you probably need to do this if you are using Ubuntu: sudo ufw disable.
See this link for more information.
I know this is old post but I think it might help someone else too . I was running RHEL 7.6 got this issue . I had to re enable the firewall and added the ports in the firewall rule . Then it worked like charm .
For a Windows AMI, this could be due to the Windows firewall being enabled. See my edits to #Miles_Gillham's answer for details