
Here is the server's iptables file

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [13:2648]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 465 -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

When I attempt to access it through the web, it won't work; it only works if I stop the iptables service. What is missing?

tan

2 Answers


The rules are processed sequentially from top to bottom, so when it hits the rule

-A INPUT -j REJECT --reject-with icmp-host-prohibited

none of the other rules will be reached.

Make sure those other rules appear before the blanket REJECT rule and you should be all set.

Eric Renouf
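To make the first-match behaviour described in this answer concrete, here is an added Python simulation (not part of the original post, and not iptables itself) that parses the posted INPUT chain and evaluates a new TCP connection to port 80 against it, first as posted and then with the blanket REJECT moved to the end. It models only the options that chain uses (-p, -i, --dport, --state, -j) and assumes a constructed packet arriving on an interface named eth0.

```python
import shlex
# The INPUT chain exactly as posted in the question (copied here so the script runs stand-alone).
POSTED_RULES = """
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 465 -j ACCEPT
"""

# Only the options this chain uses are modelled; every option in it takes exactly one argument.
OPTS = {"-p": "proto", "-i": "iface", "--dport": "dport", "--state": "state", "-j": "target"}

def parse_rules(text, chain="INPUT"):
    """Parse iptables-save '-A <chain> ...' lines into match dicts, preserving chain order."""
    rules = []
    for line in text.strip().splitlines():
        argv = shlex.split(line)
        if argv[:2] == ["-A", chain]:
            # '-m state', '-m tcp' and '--reject-with ...' add no match condition, so they are dropped
            rules.append({OPTS[o]: a for o, a in zip(argv[2::2], argv[3::2]) if o in OPTS})
    return rules

def matches(rule, pkt):
    """Every option present in the rule must match; a rule with no options matches everything."""
    return ((rule.get("proto", pkt["proto"]) == pkt["proto"])
            and (rule.get("iface", pkt["iface"]) == pkt["iface"])
            and (int(rule.get("dport", pkt["dport"])) == pkt["dport"])
            and (pkt["state"] in rule.get("state", pkt["state"]).split(",")))

def verdict(rules, pkt, policy="ACCEPT"):
    """Walk the chain top to bottom: the first matching rule's target (ACCEPT/REJECT) decides."""
    for rule in rules:
        if matches(rule, pkt):
            return rule["target"]
    return policy  # fell off the end of the chain: the chain policy (:INPUT ACCEPT) applies

def reorder_reject_last(rules):
    """The fix the answers describe: keep relative order, but move the blanket REJECT to the end."""
    return [r for r in rules if r["target"] != "REJECT"] + [r for r in rules if r["target"] == "REJECT"]

# A fresh HTTP connection arriving on the public interface (constructed packet summary).
HTTP_SYN = {"proto": "tcp", "iface": "eth0", "dport": 80, "state": "NEW"}

print(verdict(parse_rules(POSTED_RULES), HTTP_SYN))                       # REJECT
print(verdict(reorder_reject_last(parse_rules(POSTED_RULES)), HTTP_SYN))  # ACCEPT
```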

The solution to your problem is staring you in the face. Read the rules carefully remembering that order matters.

user9517