Discussion in 'Server Operation' started by alphaman36, Sep 3, 2012.

  1. alphaman36

    alphaman36 New Member

    After getting my firewall configured correcly, my Wordpress web site (no ssl is enabled) the site will only respond to traffic on ssl
  2. TiTex

    TiTex Member

    you should provide more informations
    like what linux distribution are you using , your network setup , if you're using virtual hosts on your webserver
  3. alphaman36

    alphaman36 New Member


    Sorry about that. I am Ubuntu 12.04. Everything is virtual. The network setup is I open the firewall and NAT rules to permit traffic. I open the rule for https and I see the entire conversation (passing the dnat rule, then the firewall inbound rule) I change the rule to http I see it pass the dnat rule but never returns anything back on the packet filter rule
  4. falko

    falko Super Moderator ISPConfig Developer

    What are the outputs of
    iptables -L
    netstat -tap
  5. alphaman36

    alphaman36 New Member

    I added the nestat -tap from the firewall. Output is attached. I am guessing that's where the command was to be executed due to the iptables command you wanted executed. I got an error when I ran the iptables -L came back as an invalid command. I am using Astaro as the firewall. The one funny thing I did notice is when the inbound rule is enabled, when the ISP Config web server makes an http request (apt get I am guessing) that http request gets blocked even though the very first rule I have in my firewall is permit all outbounf http requests. As a side note, I see it getting processed by the DNAT rule, but not by the inbound rule, unless it's https then it will pass

    Attached Files:

    Last edited: Sep 5, 2012
  6. alphaman36

    alphaman36 New Member

    I also attached the two commands output from the web server itself. The attachment is labeled atlas - netstat and atlas iptables.

    Again thank you for the help, but the problem turned out to be a really weird one. I run a transparent proxy for my internal network and for some reason it was also applying it to the WAN interface. Once I worked around that problem, I was able to successfully get to the web site from the outside. Thank you again for the help with this problem

    Attached Files:

    Last edited: Sep 5, 2012

Share This Page