0

I'm hosting a default site for apache2 server on AWS EC2 (Ubuntu) with Elastic IP.

Security group set to open all inbound (testing purposed).

I can access the server via SSH using public IP but I can't via HTTP.

I can browse the site from localhost (using lynx 127.0.0.1).

I can also browse the site from a different EC2 on the same subnet.

Here is my iptables:

-P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT

open ports:

tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* tcp LISTEN 0 511 *:80 *:* tcp LISTEN 0 128 [::]:22 [::]:* tcp LISTEN 0 511 *:443 *:*

Firewalls are inactive.

I have also just tried installing nginx on that second VM I spinned on the same subnet and curiously I also can't access the web server o port 80.

So now I also created a new instance on a separate subnet and still can't reach it via HTTP. It is reachable via SSH though.

Not sure what am I missing.

Update 1:

That's extremely bizarre, I have also MySQL running on that machine which is also accessible. Seems that routing and security groups are all correct but for some reason HTTP and HTTPS traffic is being blocked by something.

Update 2:

I turned on Flow logs on VPC and all my request on port 80 rejected, 22 and 3306 get in without problem.

my.ip.goes.here. 10.1.1.68 64087 80 6 1 64 1694528397 1694528415 REJECT OK

Network ACL is set to allow all inbound and outbound:

100 All traffic All All 0.0.0.0/0 Allow * All traffic All All 0.0.0.0/0 Deny

Security Group allows all traffic in and out:

All Traffic 0.0.0.0/0

This is getting stranger and stranger.

Improve this question
11
  • Why is port 80 not showing as open? Presumably the config file for your Apache instance should have been edited so it listens to the network port as well as the loopback interface. Commented Sep 11, 2023 at 22:49
  • I'm not sure but would that matter if another VM on the same private subnet can access that port? Commented Sep 11, 2023 at 23:07
  • possibly an apache configuration error Commented Sep 11, 2023 at 23:52
  • 1
    A longer troubleshooting approach is described here serverfault.com/a/1109720/37681 Commented Sep 12, 2023 at 7:59
  • @JaromandaX - I think it's more on the AWS VPC level maybe. I installed nginx on the second machine and still no luck. Commented Sep 12, 2023 at 8:25

2 Answers 2

Reset to default
0

Try using tspdump to track packets - whether the packet arrives at the host or not. If the packet arrives, then obviously something on the server is blocking or discarding it. Completely reset all firewall rules, or better yet, turn it off completely (for testing). Well, first of all, check the web server settings, it’s possible that something is not configured correctly. Try inserting a simple static page and the combination of these measures - you will definitely figure out the problem.

Improve this answer
1
  • Thanks! Packets are not arriving whenever I use public IP. The moment I use private IP on the subnet - they do. Seems like the VPC has an issue somewhere. Commented Sep 12, 2023 at 8:41
0

I found a solution.

I opened up nginx on port 81 which worked ok and so I thought it must be only blocking any web ports.

After a bit of research this was due to the fact that my EC2 was reported with "EC2 Abuse Report".

In between millions of emails there was one:

We have received abuse report(s) implicating resources on your AWS account. As a result, we have taken the following steps against the implicated resources, in order to mitigate the activity:

** Blocked inbound HTTP ports 80,8080 and 443 in the region**

Previously there was different EC2 instance in that region that had a certain software installed that got hacked and it was shutdown.

It would be great if that was somehow indicated on the EC2 instance in the console.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.