The problem:
I have set up a (Docker) Django-Gunicorn-Nginx site on my home network. It works on the local network but I cannot access it through my domain.
The setup:
Registered a domain in namecheap.com.
Set up a dynamic DNS to update my public IP with the namecheap domain.
Set up the website on a computer in my home network and give it a static IP.
Enable port forwarding from public 80 to LAN 80.
The tests:
I have enabled port forwarding on the port 22 and I have been able to connect through SSH to the computer serving the website with ssh user#domain and it worked well -> domain/ddns ok.
I have accessed to the website from another computer connected on the same LAN by using the full static IP to the computer serving the website and it worked well -> website/server ok.
I have called my ISP to check if everything is set up correctly and if I am allowed to serve a website form my network and apparently there are no issues -> router/network ok.
The clue:
When I try to access the site from outside my home network, through the domain or my full public IP, I get an ERR_EMPTY_RESPONSE.
When I try to access the site from my home network, through the domain or with the full public IP (not through the LAN IP which actually works), I get redirected to the page 192.168.0.1/intercept.html which contains a message from my ISP saying that I do not have connection to the internet (which I actually have):
So, at this point I am a bit lost. I'd like to get ideas on what is the best way to troubleshot this situation.
As #ben5556 suggested, I tried port 8000 and it worked :) So my ISP is probably blocking port 80.
First I tried port 8080 but while enabling the port forwarding on the router configuration page, it showed a warning stating that this port is reserved for other stuff so I tried with port 8000 instead.
This is annoying since I called my ISP and they said that there should be no problem in using port 80. Moreover, there is no warning at all when enabling port forwarding on port 80.
UPDATE
Serving the web on public port 8000 makes no sense since browsers default to port 80, so the final solution has been to enable port forwarding from public 80 to LAN 8000. Apparently only LAN port 80 is blocked so this solution works nicely.
Related
ec2 instance is not publically available
I have a simple flask server open to port 80
there is even a public ip address but if I curl remotely to it connection get refused
but strangely ssh works just fine
and if I curl to public ip inside ec2 ssh it works
tried editing security group inboud rules but doesn't work...
googled bunch but all solutions say to edit inbound rules but it doesn't work for me...
am I doing something wrong?
The most common reason for this is that your Flask app is listening on localhost only, which is the default, and so is not reachable from outside the machine it's running on.
To fix this, make the server externally visible, by using:
app.run(host='0.0.0.0')
I have a flask app installed on a new windows 10 virtual machine. I can access the app as localhost:8081 - I want to make this available on the network. I added the firewall rule for port 8081 on windows defender as follows:
When I try to access with IP or hostname I get ERR_CONNECTION_REFUSED
I have also tried it on port 80 with same result. seems like the port is still blocked. I have nothing else running on this virtual machine. How can I fix this?
You will need to change security rules on both your computer and also the router. There might be some kind of security rule about how devices can communicate with each other.
I am relatively new to AWS and I've been looking at quite a few tutorials for the past couple of days trying to figure out how to make my AWS ubuntu instance accessible from the browser.
What I've done:
1st: I configured security groups to accept all traffic for ssh, http, https just to see if the public DNS listed in the instance is accessible.
2nd: I changed the IP of my instance to an elastic IP
3rd: I wrote a simple node.js file that listens on port: 9000 and console.logs 'hello world'
For some reason ssh works, and I can run my node.js file, but agina I cannot access the remote instance from the browser.
Any help would be greatly appreciated since I've been on this for a couple of days
Thanks!
Thank you everyone for the quick responses!
My issue was I did not include a TCP rule to my specific port. Now I am able to access that port via ec2-DNSNAME:9123.
And, just to clarify, if I want to host that DNS for all traffic I should specify 'anywhere' for the TCP rule, correct?
I configured security groups to accept all traffic for ssh, http, https
In security groups, "HTTP" does not mean "HTTP on any port"... it means "any traffic on TCP port 80" -- 80 being the standard IANA assigned port for HTTP.
Security groups are not aware of the type of traffic you are passing, only the IP protocol (e.g. TCP, UDP, ICMP, GRE, etc.) and port number (for protocols that use port numbers) and any protocol specific information (ICMP message types).
You need a rule allowing traffic to port 9000.
Firstly go to your EC2 and see if curl http://localhost works..
Also, if you are exposing your nodejs on port 9000 ; did u open 9000 also on security groups or not ?
Few things to check:
Security groups
Subnet NACLS (these can function as a subnet level
firewall, but unless you've messed with these they should allow all
traffic.)
On the server if you run netstat -na | grep <PORT> do you see your
application listening on the correct ports?
You may also check your system for a firewalls that could be short circuiting the requests.
If the above doesn't point you towards where your issue is you can grab tcpdump and filter it just for requests coming from your web browser (e.g after installing tcpdump -vvn host 10.20.30.40 port 8000 Substitute your ip and port). This will let you know if you're running into a network issue (Packets aren't reaching the server) or if its something with the app.
I'd also recommend using IP addresses while doing your initial troubleshooting. That way we can establish it is not network/server configuration before going into DNS.
I'm trying to access my WAMP server through my WAN IP.
My network infrastructure consists of a ISP's modem and a wireless router. Using win7.
I have setup the WAMP server on my laptop. I connected my laptop directly to my ISP's modem with a Ethernet cable and received the IP address 91.105.100.XXX. I was then able to connect to my WAMP server through this IP.
I disconnected my laptop form the modem and connected my modem to the wireless router. Then I connected with my laptop to the wireless network and tried to use the same IP address 91.105.100.XXX to access the WAMP server.
It was working for a while ~10 minutes. When joined to the wireless network I obtained another IP address - 46.109.65.XX. I tried to connect to the WAMP server using the new IP address 46.109.65.XX, but was unsuccessful. I am not able to reach the WAMP server when I’m connected to the wireless network through the WAN IP. Localhost works fine.
I have enabled port forwarding in my wireless routers configuration.
Tried to turn off firewall - no succes.
http://www.whatsmyip.org/port-scanner/server/ - show's that all ports are timed out.
Maybe I am doing something wrong or am I missing something?
Thanks for the help in advance.
UPDATE
I discovered that the main problem is with my 80 port, that doesn't want to work. When I use the port 8080 in configuration everything works fine. I even installed IIS and discovered the same problem. Both ports are forwarded in the routers configuration. I have a TL-WR740N router. After looking around for a while in settings I noticed that the routers web management port was set to 80, so I changed it. But the problem persists.
The modem is what talks to your ISP and therefore it is the modem that will be allocated a WAN IP address.
The router has a little DHCP server running in it and this will dynamically allocate IP addresses to your internal hardware as they power up their network cards. This could be your problem as when you were connected directly to the router your Laptops IP Address would have been 91.105.100.XXX but now it will be something like 192.168.X.Y.
So to run a server on the laptop you must configure it to NOT USE the DHCP allocated internal IP address or your port forwarding will only work if your laptop luckily gets the same internal ip address from the router each time you reboot the laptop.
So go to Control Panel -> Network and Sharing Center -> Change Adapter settings. This should get you to the Network Connections page of control panel.
Left click on the icon for your Wireless Network Connection and select Properties from the dropdown menu. On the properties dialog double click the Internet protocol version 4 (TCP/IPv4) line in the list to load the Properties dialog.
If you see a checkbox called Obtain an IP Address automatically and it is checked you are getting your ip address from the routers DHCP server.
Click the Use the following ip address checkbox and enter a valid ip address in the subnet range that your router is configured to allocate. It probably something like 192.168.0.x. Its a good idea here to check with the admin pages of your router, find what range the router is allocating and also there is normally a way of telling the DHCP server to allocate ip's from a range, for example it could be 192.168.0.100 to 192.168.0.200. This is the number range that dynamically allocated ips will come from, so you want to pick an ip for your laptop that is not between 100 and 200 so for example lets say 192.168.0.10. They do this expressly so you can setup servers with static ip address's. Some manufacturers leave high numbers for servers and some leave low numbers, so check your router.
It should look something like this, BUT CHECK YOUR OWN ROUTERS NUMBER RANGE!
Now your laptop is setup you now need to go and redo the port forwarding so that any communication on port 80 from the outside world is forwarded to port 80 on the static ip address you have just allocated to your laptop. Now comms should flow through the router to yout laptop.
I have followed the steps provided by Amazon EC2. I have installed a wordpress website in the EC2 Instance.
My public DNS is given as ec2-xx-xxx-xx-xxx.us-west-2.compute.amazonaws.com/
and Public IP is also given as xx-xxx-xx-xxx.
How to view the website from any other machine?
Note:
EC2 Instance is created and running now.
I can view it in the localhost as well as public DNS in the EC2 instance using RDP. (http://ec2-xx-xxx-xx-xxx.us-west-2.compute.amazonaws.com/)
If you can see the web site from the EC2 instance, but not from other machines, there is probably one of the following things wrong:
The DNS entry is not available or is wrong. Since you can RDP using that entry, this can't be the cause.
Access to the correct port is being blocked by the security group or firewall. Since the instructions you referenced specifically say to make sure that both port 80 (HTTP) and 3389 (RDP) are open, and you know that is true from port 3389, this isn't likely, but is possible. Make sure that there are security group rules for both port numbers that look the same.
The Windows server itself is refusing to allow outside access to port 80 on that address. This is unlikely, but not impossible, and the instructions specify that you should "disable Internet Explorer Enhanced Security Configuration", and at the end cover "Making Your WordPress Site Public". Make sure that the web server isn't configured to only respond to requests from localhost (127.0.0.1) and that there are no Windows firewall rules blocking port 80.
I think that the likeliest problem is number 2, above. Perhaps you forgot to open port 80 in the security group, or typed a different port number or a different address range to open it to.