Solved

Apache timeout remote connection if not port 80

Posted on 2016-10-14
10
47 Views
Last Modified: 2016-11-02
Hi

I can access http on port 80 remotly, while when i change the port to other ports 9080, i can connect locally but not remotely.

Note:
Apache version: 2.4
Destribution: centos 7
Firewall status: disabled
SELINUX: disabled

Configuration:
Listen 9080

Thanks in advance
0
Comment
Question by:Rawand Amin
  • 3
  • 2
  • 2
  • +2
10 Comments
 
LVL 28

Expert Comment

by:Jan Springer
ID: 41843404
What do you see when run wireshark?
0
 
LVL 3

Expert Comment

by:jessbruffett
ID: 41843452
Are you trying to set the port in the main httpd.conf file or the vhost config file? in my experience leave as much default in the httpd file as you can and set your custom settings in the vhost config file.
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 41843458
I do the same (making mods in the vhosts) but I sometimes also run several instances of apache and it should work fine to just make the change in the regular configuration file.
0
 
LVL 3

Expert Comment

by:jessbruffett
ID: 41843464
Also for the OP, an eternal question but one that has bitten me more than once, after making the changes you did restart the apache process correct?
0
 
LVL 12

Expert Comment

by:Kent W
ID: 41843728
Sound like you may have a default (or other than default) iptables rules set applied?
What is the output of
iptables -L -n
?
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 28

Expert Comment

by:Jan Springer
ID: 41843758
The firewall should be disabled according to the author.
0
 
LVL 12

Expert Comment

by:Kent W
ID: 41843883
I glossed right over that, Jan.   Thank you.

OP, can you define "locally"? Is this from the same machine, as in localhost you are hitting apache, or is locally referring to the same LAN / network segment? Is there any security device or NAT device between the apache box and where you are testing from "remotely"?
0
 

Author Comment

by:Rawand Amin
ID: 41849559
Thank you all, I will keep port 80 as default.  it is much easier.
0
 
LVL 26

Accepted Solution

by:
skullnobrains earned 500 total points
ID: 41849815
most likely the port 9080 is closed on the client side

you can debug this quite easily
- check with "netstat -lptn" that you actually bind the proper interface(s)
- run "tcpdump -i any port 9080" and try to connect. if nothing appears, your connection does not reach. if you see SYNs but no ACKs something is wrong with the local machine configuration : firewall, apparamor, binding the wrong interface ....
0
 

Author Closing Comment

by:Rawand Amin
ID: 41869946
Thanks for your help
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Suggested Solutions

If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now