Linode host not allowing 80/443

WLS-ITGuy

Today I got an email from Linode saying that the host that my instance resides on was having issues. After they "fixed it" and rebooted I no longer have access via the web. I can SSH into it but that is all. I am by no means a linux guru so I am not sure where the issue lies.

Last I recall I didn't have any firewall on the server. It is running Debian 9.

Any help would be greatly appreciated!!

WLS-ITGuy

This is all greek to me

root@wls-online:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
f2b-sshd   tcp  --  anywhere             anywhere             multiport dports ssh

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain f2b-sshd (1 references)
target     prot opt source               destination         
REJECT     all  --  58.137.172.213       anywhere             reject-with icmp-port-unreachable
REJECT     all  --  23.102.255.235       anywhere             reject-with icmp-port-unreachable
RETURN     all  --  anywhere             anywhere

WLS-ITGuy

Here is the -S output

root@wls-online:~# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N f2b-sshd
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A f2b-sshd -s 23.102.255.235/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -s 58.137.172.213/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -j RETURN

WLS-ITGuy

Netstat output:

root@wls-online:~# netstat -plunt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      3480/mysqld         
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      3342/dovecot        
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      3342/dovecot        
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      2241/rpcbind        
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3340/sshd           
tcp6       0      0 :::110                  :::*                    LISTEN      3342/dovecot        
tcp6       0      0 :::143                  :::*                    LISTEN      3342/dovecot        
tcp6       0      0 :::111                  :::*                    LISTEN      2241/rpcbind        
tcp6       0      0 :::22                   :::*                    LISTEN      3340/sshd           
udp        0      0 0.0.0.0:111             0.0.0.0:*                           2241/rpcbind        
udp    24576      0 45.79.157.52:123        0.0.0.0:*                           3922/ntpd           
udp        0      0 127.0.0.1:123           0.0.0.0:*                           3922/ntpd           
udp        0      0 0.0.0.0:123             0.0.0.0:*                           3922/ntpd           
udp        0      0 0.0.0.0:721             0.0.0.0:*                           2241/rpcbind        
udp6       0      0 :::111                  :::*                                2241/rpcbind        
udp6       0      0 fe80::f03c:91ff:fe2:123 :::*                                3922/ntpd           
udp6   48384      0 2600:3c03::f03c:91f:123 :::*                                3922/ntpd           
udp6       0      0 ::1:123                 :::*                                3922/ntpd           
udp6       0      0 :::123                  :::*                                3922/ntpd           
udp6       0      0 :::721                  :::*                                2241/rpcbind

WLS-ITGuy

I went through the logs a bit and found that this:

[FAILED] Failed to start Load Kernel Modules.

I'm sure this isn't good:

● systemd-modules-load.service - Load Kernel Modules
   Loaded: loaded (/lib/systemd/system/systemd-modules-load.service; static; vendor preset: enabled)
   Active: failed (Result: exit-code) since Tue 2018-07-03 11:09:01 CDT; 35min ago
     Docs: man:systemd-modules-load.service(8)
           man:modules-load.d(5)
  Process: 1990 ExecStart=/lib/systemd/systemd-modules-load (code=exited, status=1/FAILURE)
 Main PID: 1990 (code=exited, status=1/FAILURE)

Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.

WLS-ITGuy

All good. I dove way too deep on this one :crazy_face:

Turns out when I upgraded Moodle I forgot to put a log directory back in place and it was failing on the Apache restart.

travisdh1

@wls-itguy said in Linode host not allowing 80/443:

All good. I dove way too deep on this one :crazy_face:

Turns out when I upgraded Moodle I forgot to put a log directory back in place and it was failing on the Apache restart.

I was just gonna ask if you're sure the service that's supposed to respond on those ports was running. That's the first thing I check anymore. Glad you were able to get it sorted.

WLS-ITGuy

@travisdh1 said in Linode host not allowing 80/443:

@wls-itguy said in Linode host not allowing 80/443:

All good. I dove way too deep on this one :crazy_face:

Turns out when I upgraded Moodle I forgot to put a log directory back in place and it was failing on the Apache restart.

I was just gonna ask if you're sure the service that's supposed to respond on those ports was running. That's the first thing I check anymore. Glad you were able to get it sorted.

For some reason I just went deep end because of Linode being involved. Oh well, lesson learned...I hope.