PDA

View Full Version : My httpd is not visible from either outside or inside except on 127.0.0.1



pailott
27th July 2007, 01:07 AM
I've been trying to get my web server running.

My httpd is not visible from either outside or inside except on 127.0.0.1.
I have fiddled with the port assignments to no effect. It may be no coincidence that nmap only shows http when I run
nmap 127.0.0.1

[root@mymachine myusername]# nmap 127.0.0.1

Starting Nmap 4.20 ( http://insecure.org ) at 2007-07-26 16:58 PDT
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: 1686 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
88/tcp open kerberos-sec
111/tcp open rpcbind
443/tcp open https
948/tcp open unknown
953/tcp open rndc
3306/tcp open mysql
8000/tcp open http-alt

Nmap finished: 1 IP address (1 host up) scanned in 0.105 seconds


If I run nmap mydomain.com
i only get

[root@mymachine myusername]# nmap mydomain.com

Starting Nmap 4.20 ( http://insecure.org ) at 2007-07-26 17:00 PDT
Interesting ports on www.mydomain.com (64.30.222.18):
Not shown: 1690 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
88/tcp open kerberos-sec
111/tcp open rpcbind
443/tcp open https
948/tcp open unknown
3306/tcp open mysql

Nmap finished: 1 IP address (1 host up) scanned in 0.114 seconds

No httpd showing. And notice kerberos on port 88.
In my httpd.conf file i made the listen port 88. If I use 80 then when I restart httpd I get the following message;

/etc/init.d/httpd restart
Stopping httpd: [ OK ]
Starting httpd: (98)Address already in use: make_sock: could not bind to address 127.0.0.1:80
no listening sockets available, shutting down
Unable to open logs
[FAILED]
And then neither httpd nor kerberos-sec is running.
Is kerberos shutting out access to my server both internally and externally ?
I can hardly find any useful info on kerberos-sec anywhere. Lots of mentiosn, no info.

So any ideas ? The only way to get httpd to start is to change the listen port.
But even when its running I cannot use it.

Peter

pparks1
27th July 2007, 01:22 AM
So, you have a line in your httpd.conf that reads
Listen 80
or
x.x.x.x:80

Do you also have any virtual hosts configured at the very bottom of httpd.conf???

pailott
27th July 2007, 01:30 AM
Yep,

I have

Listen xx.xx.xxx.xx:88 (my fixed ip address)
Listen 127.0.0.1:88

and

NameVirtualHost xx.xx.xxx.xx:88 (my fixed ip address)

and a few virtual hosts (the brought over from my old server where they worked fine !)

for example;

<VirtualHost xx.xx.xxx.xx:88>
ServerAdmin username@mydomain.com
DocumentRoot /var/www/html/htdocs
DirectoryIndex index.html
ServerName mydomain.com
ErrorLog /var/log/httpd/error_log
</VirtualHost>

Thanks for the quick response by the way ..

Peter

marcrblevins
27th July 2007, 04:48 AM
I think you are allow only one Listen line.

Why did you change your port number? Forcing your web server users type in :88?

pailott
27th July 2007, 06:21 AM
When I let it use the default port # 80, it fails to load with the following message;

HTTPD will not start, keeps giving me the "(98)Address already in use:make_sock:could not bind to address 127.0.0.1:80
no listening sockets available, shutting down"

No matter what I did, theonly thing that helped was putting 88 in the httpd.conf file. But running nmap 127.0.0.1 show httpd on 80, and kerberos on 88. I do not know what is going on with this.

marcrblevins
27th July 2007, 07:37 AM
telnet localhost 80
GET


What does that tell you?

pailott
27th July 2007, 07:49 AM
If i run telnet local host 80 I get the test page I set up to test the default httpd location.
I can use my browser if I put 127.0.0.1, or localhost. However any other reference fails.

marcrblevins
27th July 2007, 07:56 AM
cat /etc/hosts


You see 127.0.0.1 there?

Are you using /var/www/html as your location? If not, you have to tell Selinux that.


getsebool -a | grep http


I have my html in my home directory so I can use Quanta Plus there.
httpd_enable_homedirs --> on

pailott
27th July 2007, 08:08 AM
/etc/hosts has 127.0.0.1

I have Selinux disabled, which is what getsebool -a |grep httpd confirms.

pparks1
27th July 2007, 04:55 PM
does /etc/hosts say

127.0.0.1 server.domain.com server localhost.localdomain localhost


The only thing that should work with your current config is likely http://locahost or http://127.0.0.1

Do you have the firewall allowing port 80 traffic from other machines? /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

Does your Linux box have valid DNS resolution for the domains in question? For example, can you type in {ping domain.com} and get a response to an IP which matches an IP on your Linux host?