[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: My site has become unreachable when I've implemented SSL

Thank you for your fast answer!

root@Casa-mia-1:~# lsof -i :443
COMMAND  PID     USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
apache2  879     root    6u  IPv6  20270      0t0  TCP *:https (LISTEN)
apache2  948 www-data    6u  IPv6  20270      0t0  TCP *:https (LISTEN)
apache2  949 www-data    6u  IPv6  20270      0t0  TCP *:https (LISTEN)
apache2  950 www-data    6u  IPv6  20270      0t0  TCP *:https (LISTEN)
apache2  951 www-data    6u  IPv6  20270      0t0  TCP *:https (LISTEN)
apache2  952 www-data    6u  IPv6  20270      0t0  TCP *:https (LISTEN)
apache2 1385 www-data    6u  IPv6  20270      0t0  TCP *:https (LISTEN)
apache2 1386 www-data    6u  IPv6  20270      0t0  TCP *:https (LISTEN)
apache2 3386 www-data    6u  IPv6  20270      0t0  TCP *:https (LISTEN)

As for ufw, indeed port 443 was not enabled and I had problems in doing
it (bad port!!!!), at the end I wrote:
ufw allow https
Rule added
Rule added (v6)

now I have:

root@Casa-mia-1:~# ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  
CUPS                       ALLOW       Anywhere                  
......
Telnet                     ALLOW       Anywhere                  
VNC                        ALLOW       Anywhere                  
WWW                        ALLOW       Anywhere                  
Anywhere                   ALLOW       192.168.3.100             
Anywhere                   ALLOW       192.168.3.0/24            
2222/tcp                   ALLOW       Anywhere                  
5900:5910/tcp              ALLOW       Anywhere                  
2049                       ALLOW       192.168.3.100             
80/tcp                     ALLOW       Anywhere                  
443/tcp                    ALLOW       Anywhere                  
22/tcp (v6)                ALLOW       Anywhere (v6)             
CUPS (v6)                  ALLOW       Anywhere (v6)             
.......            
WWW (v6)                   ALLOW       Anywhere (v6)             
2222/tcp (v6)              ALLOW       Anywhere (v6)             
5900:5910/tcp (v6)         ALLOW       Anywhere (v6)             
80/tcp (v6)                ALLOW       Anywhere (v6)             
443/tcp (v6)               ALLOW       Anywhere (v6)             

root@Casa-mia-1:~# systemctl restart apache2

but ... no avail, still "connection refused"

What else could be the culprit!!!! :-D

Thanks for your time!

Aldo :-)

P.S. Furthermore in ..../apache2/error.log I find:
PHP Warning:  PHP Startup: Unable to load dynamic library
'/usr/lib/php/20151012/apc.so' - /usr/lib/php/20151012/apc.so: cannot
open shared object file: No such file or directory in Unknown on line 0

Il giorno Mon, 19 Feb 2018 12:48:25 -0500
Greg Wooledge <wooledg@eeg.ccf.org> ha scritto:

> On Mon, Feb 19, 2018 at 06:36:01PM +0100, Aldo Maggi wrote:
> > Anyway, now if I browse writing my IP I get the Apache default page
> > (the browser tells me, anyway, that the site is unsecure), if I
> > write the name of the site I get (traslated from Italian):
> > Unable to reach the site
> > Connection denied by mysite.com  
> 
> "Connection refused" (the correct English translation) means that
> either the service is not listening to that port, or the packets
> were rejected by a firewall.
> 
> You will need to examine both of those possibilities.
> 
> Making sure the service is listening on :443 should be fairly easy.
> You can use "lsof -i :443" for example, or some ss or netstat command.
> 
> Checking whether you have a firewall blocking incoming 443 will be
> a bit harder.
>
Reply to: