apache server not listening on port 80
Solution 1
As Michael Hampton has commented on your post, I'd bet that your firewall (iptables) is blocking your traffic.
Either disable it (systemctl disable firewalld
), or tell it to allow traffic on port 80 (firewall-cmd --zone=public --add-port=80/tcp --permanent
).
Solution 2
The fact that port 80 is filtered or not is not relevant for the netstat output. Even if iptables is configured to block (DROP or REJECT) connection to that port you should see that Apache is listening to the 80 port.
The point is that httpd is configured to listen to BOTH IPv4 and IPv6 ANY addresses (0.0.0.0 and ::) and, in that case, netstat shows only the IPv6 one. The explanation is here:
https://bugs.launchpad.net/ubuntu/+source/net-tools/+bug/657270
In short: in that case the IPv6 connection is capable of serving BOTH protocols and so only one socket is opened. And since only one socket is opened, only one socket is showed in the netstat output.
Related videos on Youtube
![Geoffrey McCosker](https://i.stack.imgur.com/SaKTp.jpg?s=256&g=1)
Geoffrey McCosker
Updated on September 18, 2022Comments
-
Geoffrey McCosker almost 2 years
Both my workstation and server are on the same lan segment and can ping each other (and I can ssh into the server from my workstation without issues).
Did a default install of apache on centos 7.
Started the service, but I cannot browse to my webserver from my workstation.
nmap report port 80 is filtered.
I disabled SELinux on the server but the port is still filtered.
Here is what netstat -l gives me:
Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN tcp6 0 0 [::]:http [::]:* LISTEN tcp6 0 0 [::]:ssh [::]:* LISTEN tcp6 0 0 localhost:smtp [::]:* LISTEN raw6 0 0 [::]:ipv6-icmp [::]:* 7
Weirdly netstat -na shows port 80 as listening, but for ipv6 (though I read somewhere this doesn't necessarily mean its not listening on ipv4 either)
Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp 0 64 10.1.1.1:22 10.2.2.2:44939 ESTABLISHED tcp6 0 0 :::80 :::* LISTEN tcp6 0 0 :::22 :::* LISTEN tcp6 0 0 ::1:25 :::* LISTEN raw6 0 0 :::58 :::* 7
Here are relevant part of my /etc/httpd/conf/httpd.conf (which I have not modified)
<Directory /> AllowOverride none Require all denied </Directory> <Directory "/var/www"> AllowOverride None # Allow open access: Require all granted </Directory> <Directory "/var/www/html"> Options Indexes FollowSymLinks AllowOverride None Require all granted </Directory> <Files ".ht*"> Require all denied </Files>
The service seems to be running ok:
httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled) Active: active (running) since Fri 2015-10-02 08:36:40 EDT; 1h 27min ago Process: 23294 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS) Main PID: 23302 (httpd) Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec" CGroup: /system.slice/httpd.service ├─23302 /usr/sbin/httpd -DFOREGROUND ├─23303 /usr/sbin/httpd -DFOREGROUND ├─23304 /usr/sbin/httpd -DFOREGROUND ├─23305 /usr/sbin/httpd -DFOREGROUND ├─23306 /usr/sbin/httpd -DFOREGROUND └─23307 /usr/sbin/httpd -DFOREGROUND
Why isn't it listening on port 80?
-
Michael Hampton over 8 yearsYou forgot to open the port in the firewall.
-
-
Michael Hampton over 8 yearsThose are not the correct commands for a CentOS 7 system by default.
-
Geoffrey McCosker over 8 yearsStopping firewalld worked, but I tried firewall-cmd --add-service=http and that doesn't seem to open the port for me (still blocked after running that command)
-
Geoffrey McCosker over 8 yearsThis worked: firewall-cmd --zone=public --add-port=80/tcp --permanent
-
Mugurel over 8 yearsYou should reload the firewall daemon by running firewall-cmd --reload after making the changes. --reload Reload firewall rules and keep state information. Current permanent configuration will become new runtime configuration, i.e. all runtime only changes done until reload are lost with reload if they have not been also in permanent configuration.
-
user157735 almost 7 yearsThese will work in CentOS 6.6