Linode host not allowing 80/443



  • Today I got an email from Linode saying that the host that my instance resides on was having issues. After they "fixed it" and rebooted I no longer have access via the web. I can SSH into it but that is all. I am by no means a linux guru so I am not sure where the issue lies.

    Last I recall I didn't have any firewall on the server. It is running Debian 9.

    Any help would be greatly appreciated!!



  • This is all greek to me 🙂

    [email protected]:~# iptables -L
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination         
    f2b-sshd   tcp  --  anywhere             anywhere             multiport dports ssh
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain f2b-sshd (1 references)
    target     prot opt source               destination         
    REJECT     all  --  58.137.172.213       anywhere             reject-with icmp-port-unreachable
    REJECT     all  --  23.102.255.235       anywhere             reject-with icmp-port-unreachable
    RETURN     all  --  anywhere             anywhere
    


  • Here is the -S output

    [email protected]:~# iptables -S
    -P INPUT ACCEPT
    -P FORWARD ACCEPT
    -P OUTPUT ACCEPT
    -N f2b-sshd
    -A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
    -A f2b-sshd -s 23.102.255.235/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -s 58.137.172.213/32 -j REJECT --reject-with icmp-port-unreachable
    -A f2b-sshd -j RETURN
    


  • Netstat output:

    [email protected]:~# netstat -plunt
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
    tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      3480/mysqld         
    tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      3342/dovecot        
    tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      3342/dovecot        
    tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      2241/rpcbind        
    tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3340/sshd           
    tcp6       0      0 :::110                  :::*                    LISTEN      3342/dovecot        
    tcp6       0      0 :::143                  :::*                    LISTEN      3342/dovecot        
    tcp6       0      0 :::111                  :::*                    LISTEN      2241/rpcbind        
    tcp6       0      0 :::22                   :::*                    LISTEN      3340/sshd           
    udp        0      0 0.0.0.0:111             0.0.0.0:*                           2241/rpcbind        
    udp    24576      0 45.79.157.52:123        0.0.0.0:*                           3922/ntpd           
    udp        0      0 127.0.0.1:123           0.0.0.0:*                           3922/ntpd           
    udp        0      0 0.0.0.0:123             0.0.0.0:*                           3922/ntpd           
    udp        0      0 0.0.0.0:721             0.0.0.0:*                           2241/rpcbind        
    udp6       0      0 :::111                  :::*                                2241/rpcbind        
    udp6       0      0 fe80::f03c:91ff:fe2:123 :::*                                3922/ntpd           
    udp6   48384      0 2600:3c03::f03c:91f:123 :::*                                3922/ntpd           
    udp6       0      0 ::1:123                 :::*                                3922/ntpd           
    udp6       0      0 :::123                  :::*                                3922/ntpd           
    udp6       0      0 :::721                  :::*                                2241/rpcbind
    


  • I went through the logs a bit and found that this:

    [FAILED] Failed to start Load Kernel Modules.

    I'm sure this isn't good:

    ● systemd-modules-load.service - Load Kernel Modules
       Loaded: loaded (/lib/systemd/system/systemd-modules-load.service; static; vendor preset: enabled)
       Active: failed (Result: exit-code) since Tue 2018-07-03 11:09:01 CDT; 35min ago
         Docs: man:systemd-modules-load.service(8)
               man:modules-load.d(5)
      Process: 1990 ExecStart=/lib/systemd/systemd-modules-load (code=exited, status=1/FAILURE)
     Main PID: 1990 (code=exited, status=1/FAILURE)
    
    Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.
    


  • All good. I dove way too deep on this one 🤪

    Turns out when I upgraded Moodle I forgot to put a log directory back in place and it was failing on the Apache restart.



  • @wls-itguy said in Linode host not allowing 80/443:

    All good. I dove way too deep on this one 🤪

    Turns out when I upgraded Moodle I forgot to put a log directory back in place and it was failing on the Apache restart.

    I was just gonna ask if you're sure the service that's supposed to respond on those ports was running. That's the first thing I check anymore. Glad you were able to get it sorted.



  • @travisdh1 said in Linode host not allowing 80/443:

    @wls-itguy said in Linode host not allowing 80/443:

    All good. I dove way too deep on this one 🤪

    Turns out when I upgraded Moodle I forgot to put a log directory back in place and it was failing on the Apache restart.

    I was just gonna ask if you're sure the service that's supposed to respond on those ports was running. That's the first thing I check anymore. Glad you were able to get it sorted.

    For some reason I just went deep end because of Linode being involved. Oh well, lesson learned...I hope.