0

I created a new VirtualHost file with the folllowing parameters:

<VirtualHost *:6060>
    ServerAdmin xxx@xxx.systems

    DocumentRoot /var/www/xxx/httpdocs

    <Directory /var/www/xxx/httpdocs>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

    CustomLog /var/www/xxx/statistics/logs/access_ssl_log combined
    ErrorLog  /var/www/xxx/statistics/logs/error_log

</VirtualHost>

I created/opened apache port in ports.conf

Listen 6060

And checked if the port is opened

nmap -T Aggressive -A -v 127.0.0.1 -p 1-65000

Double checked everything here but still cannot access via the specified port 6060. What could be the problem?

Community
  • 1
sitilge
  • 105
  • 1
  • 6
  • 2
    Did you restart Apache after making those changes and what is the output of `apachectl -S`? – HBruijn Mar 24 '15 at 14:11
  • @HBruijn Yes, i did. *:6060 some.site.net (/etc/apache2/sites-enabled/xxx:1). Thats it for the 6060. What should be the output? – sitilge Mar 24 '15 at 14:17
  • Thanks for doing do so! You'd be surprised how often just asking for the obvious acually solves problems :) - That looks about right. `telnet localhost 6060` also fails to connect? Or is it just connecting remotely that fails (which could indicate a firewall issue)? – HBruijn Mar 24 '15 at 14:24
  • @HBruijn the telnet fails: telnet: **Unable to connect to remote host: Connection refused**. I am not able to connect to it external nor internal. – sitilge Mar 24 '15 at 14:29

2 Answers2

0

Is httpd listening on the port?

netstat -apn | grep 6060 or netstat -apn | grep httpd

If httpd is listening on the port, perhaps a firewall is blocking inbound connections on the port.

If you're using a distribution with systemd/firewalld, you can use the following instructions to add a port to the zone in use:

firewall-cmd --get-active-zones (determine the zone in use by the interface that should be handling this traffic)

firewall-cmd --zone=zoneinquestion --list-all (confirm the port isn't in the list of open ports)

firewall-cmd --zone=zoneinquestion --add-port=6060/tcp --permanent firewall-cmd --reload

petemcdonnell
  • 16
  • 2
0

If using iptables as a firewall, you could try temporarily disabling it to rule out any firewall cause:

/etc/init.d/iptables save

/etc/init.d/iptables stop

Then check if you can connect. If so, it's a firewall issue.

Be sure to re-enable the firewall when you're done:

/etc/init.d/iptables start

Of course if this is a super high security server you shouldn't disable your firewall, but if you have all security updates installed and no weak passwords, the risk is greatly reduced in doing so for a short time.

sa289
  • 1,318
  • 2
  • 18
  • 44