opening port 80 on Ubuntu AWS
Solution 1
Yes it is. It is like an easy-to-use version of iptables. Try to write, to see iptables firewall rules:
$ sudo iptables -L
You can open for port 80 by using:
$ sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
I can describe this line for your, if you need it. Just tell me :-)
Solution 2
This worked for me:
Run as root:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
Related videos on Youtube
gesus
Updated on September 18, 2022Comments
-
gesus over 1 year
I'm running a tomcat server on an
ubuntu
machine hosted in an AWS instance. I can reach the server viapublic_ip:8080
but when i change the listening port onserver.xml
from8080
to80
connection is refused by remote host.Port number
80
is enabled onAWS firewall
.I checked
ufw
viasudo ufw status
but result isinactive
Is
ufw
front-end of the underlying firewall mechanism?How can i enable port
80
onfirewall
?Thank in advance.
Ouptut of
iptables -S
:-P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT
Output of
netstat -punta
Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 785/mysqld tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 613/sshd tcp 0 0 172.31.1.56:22 92.45.23.114:3913 ESTABLISHED 5825/sshd: ubuntu [ tcp 0 0 172.31.1.56:22 92.45.23.114:19374 ESTABLISHED 7320/sshd: ubuntu [ tcp 0 0 172.31.1.56:22 92.45.23.114:28051 ESTABLISHED 6901/sshd: ubuntu [ tcp 0 272 172.31.1.56:22 92.45.23.114:9327 ESTABLISHED 7428/sshd: ubuntu [ tcp 0 0 172.31.1.56:22 92.45.23.114:7597 ESTABLISHED 7034/sshd: ubuntu [ tcp 0 0 127.0.0.1:3306 127.0.0.1:45655 ESTABLISHED 785/mysqld tcp6 0 0 127.0.0.1:8005 :::* LISTEN 7275/java tcp6 0 0 :::8080 :::* LISTEN 7275/java tcp6 0 0 :::22 :::* LISTEN 613/sshd tcp6 0 0 127.0.0.1:45655 127.0.0.1:3306 ESTABLISHED 7275/java udp 0 0 0.0.0.0:68 0.0.0.0:* 538/dhclient3
Output of
netstat -na |grep \:80
before changing port to80
:tcp6 0 0 127.0.0.1:8005 :::* LISTEN tcp6 0 0 :::8080 :::* LISTEN
Output of
netstat -na |grep \:80
after changing port to80
:tcp6 0 0 127.0.0.1:8005 :::* LISTEN
Output of browser on port
80
:ERROR The requested URL could not be retrieved The following error was encountered while trying to retrieve the URL: http://54.194.236.229/TransportationAutomation/personnel.xhtml Connection to 54.194.236.229 failed. The system returned: (111) Connection refused The remote host or network may be down. Please try the request again. Your cache administrator is webmaster. Generated Fri, 14 Feb 2014 15:01:06 GMT by proxy (squid/2.7.STABLE7)
Port definition part of
server.xml
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" URIEncoding="UTF-8" redirectPort="8443" />
part of Catalina.out when starting tomcat on
port 80
:Feb 14, 2014 3:04:25 PM org.apache.coyote.AbstractProtocol init SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-bio-80"] java.net.BindException: Permission denied <null>:80 at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:391) at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:554) at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:409) at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:119) at org.apache.catalina.connector.Connector.initInternal(Connector.java:956) at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559) at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:815) at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) at org.apache.catalina.startup.Catalina.load(Catalina.java:594) at org.apache.catalina.startup.Catalina.load(Catalina.java:619) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:281) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:449) Caused by: java.net.BindException: Permission denied at java.net.PlainSocketImpl.socketBind(Native Method) at java.net.AbstractPlainSocketImpl.bind(AbstractPlainSocketImpl.java:376) at java.net.ServerSocket.bind(ServerSocket.java:376) at java.net.ServerSocket.<init>(ServerSocket.java:237) at java.net.ServerSocket.<init>(ServerSocket.java:181) at org.apache.tomcat.util.net.DefaultServerSocketFactory.createSocket(DefaultServerSocketFactory.java:49) at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:378) ... 17 more
UPDATE 2:
I installed tomcat via
apt-get
so it's a repackaged version of tomcat. Here it says that running tomcat as root will solve the problem but here it saysTomcat should not be run under the root user.
Isn't there any possible way to handle it with the repackaged tomcat instance?UPDATE 3:
I guessthis is the answer to my question
-
Daniel Widrick over 10 yearsPlease consider including the relevant sections of your server.xml, the output of iptables -S, and ideally the relevant output from netstat -punta with tomcat running.
-
David Levesque over 10 yearsIf you installed Tomcat using
apt-get
, I just want to point out that changing the port inserver.xml
is usually not enough, because port 80 is a privileged port. Did you check incatalina.out
to see if you have any error message? -
meatflag over 10 yearsBefore you change the port in server.xml, what is the output of netstat -na |grep \:80? Then after you change the port in server.xml and restart jetty what is the output of netstat -na |grep \:80? This does not seem to be a firewall issue.
-
-
gesus over 10 yearsoutput of
sudo iptables -L
isChain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
It would be perfect to describe the line that aims to open the port 80. Thanks in advence. -
KoKo about 9 yearsI run your command and port 80 is open, and I can access my website. Then after I reboot, the port is closed again, I have to re-open it each time. Is there a way to permanently open it? I'm running Ubuntu 14.04 LTS on a VPS
-
Hammad Hassan almost 7 yearsBeing a new person on AWS Server EC2 (Ubuntu) spent a lot of time on many things. I used your command to open a customized port and it worked. Although I have already added that customized port in Security Group, inbound section but still was unable to access. After running your command my website is running on my app needed server at customized port. Really helpful.