SSL/443 port showing as closed — Webserver Setup; Apache/Namecheap/DynamicDNS





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}







0















I am facing a problem with my SSL/443 port. I setup a website which is currently being hosted on Apache, port 80. I do have an SSL certificate and was able to redirect HTTP to HTTPS -- but after a while port 443 stops responding to requests and I have to revert back to using port 80. Somehow 443/HTTPS works for little bit and then stops working.



On the modem (Actiontec C2100T - CenturyLink) - I have both port 80 and 443 open. However when I check online if 443 is open, I get the following: Error: I could not see your service on 97.118.xx.xx. on port (443)



On the webserver (RasberryPi) - I ran an nmap scan:



Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-08 17:50 UTC
Nmap scan report for Unknown.domain (192.168.0.30)
Host is up (0.000051s latency).
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh (protocol 2.0)
80/tcp open http Apache httpd 2.4.25 ((Raspbian))
85/tcp open http Apache httpd 2.4.25 ((Raspbian))
443/tcp open ssl/https Apache/2.4.25 (Raspbian)


So I don't think it's the server -- but I could be wrong. Here is my Apache config as well. I've commented out VirtualHost 443 for now until I can figure out why the port becomes inactive after being initially configured.



<VirtualHost *:80>
ServerName blissisit.com
#ServerName localhost
ServerAlias www.blissisit.com
DocumentRoot /var/www/html

#Redirect permanent / https://blissisit.com/
#Redirect permanent / https://192.168.0.30/
</VirtualHost>

#<VirtualHost *:443>
#ServerName blissisit.com
#ServerAlias www.blissisit.com
#DocumentRoot /var/www/html
#SSLCertificateFile /etc/ssl/blissisit_com.crt
#SSLCertificateKeyFile /etc/ssl/private/blissisit.key
#SSLCertificateChainFile /etc/ssl/blissisit_com.ca-bundle
#SSLEngine On

#ErrorLog ${APACHE_LOG_DIR}/error.log
#CustomLog ${APACHE_LOG_DIR}/access.log combined
#</VirtualHost>


Any help is much appreciated! Thank you in advance.










share|improve this question























  • Was this tested both internally and external?

    – Hefewe1zen
    Feb 8 at 23:02











  • Can you define the parameters of how you would test both internally and externally?

    – Pseudoremora
    Feb 8 at 23:35











  • You may want to explain your network set up. Do you have a firewall/router in place and is the server behind it?

    – Hefewe1zen
    Feb 8 at 23:49











  • Understood. Network wise -- I have a router an Actiontec C2100T from CenturyLink (basically a unit they provided as part of signing up with them). The firewall is disabled on the router. I've port forwarded port 443 and 80. The RasberryPi sits behind the router. There isn't anything special about the network at all. One router and the server plugs into it directly via Ethernet.

    – Pseudoremora
    Feb 8 at 23:56











  • So when it fails to connect, have you tried both the local IP and the public IP? Basically I want to eliminate the router as a potential problem. Also have you checked the apache logs?

    – Hefewe1zen
    Feb 9 at 0:03




















0















I am facing a problem with my SSL/443 port. I setup a website which is currently being hosted on Apache, port 80. I do have an SSL certificate and was able to redirect HTTP to HTTPS -- but after a while port 443 stops responding to requests and I have to revert back to using port 80. Somehow 443/HTTPS works for little bit and then stops working.



On the modem (Actiontec C2100T - CenturyLink) - I have both port 80 and 443 open. However when I check online if 443 is open, I get the following: Error: I could not see your service on 97.118.xx.xx. on port (443)



On the webserver (RasberryPi) - I ran an nmap scan:



Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-08 17:50 UTC
Nmap scan report for Unknown.domain (192.168.0.30)
Host is up (0.000051s latency).
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh (protocol 2.0)
80/tcp open http Apache httpd 2.4.25 ((Raspbian))
85/tcp open http Apache httpd 2.4.25 ((Raspbian))
443/tcp open ssl/https Apache/2.4.25 (Raspbian)


So I don't think it's the server -- but I could be wrong. Here is my Apache config as well. I've commented out VirtualHost 443 for now until I can figure out why the port becomes inactive after being initially configured.



<VirtualHost *:80>
ServerName blissisit.com
#ServerName localhost
ServerAlias www.blissisit.com
DocumentRoot /var/www/html

#Redirect permanent / https://blissisit.com/
#Redirect permanent / https://192.168.0.30/
</VirtualHost>

#<VirtualHost *:443>
#ServerName blissisit.com
#ServerAlias www.blissisit.com
#DocumentRoot /var/www/html
#SSLCertificateFile /etc/ssl/blissisit_com.crt
#SSLCertificateKeyFile /etc/ssl/private/blissisit.key
#SSLCertificateChainFile /etc/ssl/blissisit_com.ca-bundle
#SSLEngine On

#ErrorLog ${APACHE_LOG_DIR}/error.log
#CustomLog ${APACHE_LOG_DIR}/access.log combined
#</VirtualHost>


Any help is much appreciated! Thank you in advance.










share|improve this question























  • Was this tested both internally and external?

    – Hefewe1zen
    Feb 8 at 23:02











  • Can you define the parameters of how you would test both internally and externally?

    – Pseudoremora
    Feb 8 at 23:35











  • You may want to explain your network set up. Do you have a firewall/router in place and is the server behind it?

    – Hefewe1zen
    Feb 8 at 23:49











  • Understood. Network wise -- I have a router an Actiontec C2100T from CenturyLink (basically a unit they provided as part of signing up with them). The firewall is disabled on the router. I've port forwarded port 443 and 80. The RasberryPi sits behind the router. There isn't anything special about the network at all. One router and the server plugs into it directly via Ethernet.

    – Pseudoremora
    Feb 8 at 23:56











  • So when it fails to connect, have you tried both the local IP and the public IP? Basically I want to eliminate the router as a potential problem. Also have you checked the apache logs?

    – Hefewe1zen
    Feb 9 at 0:03
















0












0








0








I am facing a problem with my SSL/443 port. I setup a website which is currently being hosted on Apache, port 80. I do have an SSL certificate and was able to redirect HTTP to HTTPS -- but after a while port 443 stops responding to requests and I have to revert back to using port 80. Somehow 443/HTTPS works for little bit and then stops working.



On the modem (Actiontec C2100T - CenturyLink) - I have both port 80 and 443 open. However when I check online if 443 is open, I get the following: Error: I could not see your service on 97.118.xx.xx. on port (443)



On the webserver (RasberryPi) - I ran an nmap scan:



Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-08 17:50 UTC
Nmap scan report for Unknown.domain (192.168.0.30)
Host is up (0.000051s latency).
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh (protocol 2.0)
80/tcp open http Apache httpd 2.4.25 ((Raspbian))
85/tcp open http Apache httpd 2.4.25 ((Raspbian))
443/tcp open ssl/https Apache/2.4.25 (Raspbian)


So I don't think it's the server -- but I could be wrong. Here is my Apache config as well. I've commented out VirtualHost 443 for now until I can figure out why the port becomes inactive after being initially configured.



<VirtualHost *:80>
ServerName blissisit.com
#ServerName localhost
ServerAlias www.blissisit.com
DocumentRoot /var/www/html

#Redirect permanent / https://blissisit.com/
#Redirect permanent / https://192.168.0.30/
</VirtualHost>

#<VirtualHost *:443>
#ServerName blissisit.com
#ServerAlias www.blissisit.com
#DocumentRoot /var/www/html
#SSLCertificateFile /etc/ssl/blissisit_com.crt
#SSLCertificateKeyFile /etc/ssl/private/blissisit.key
#SSLCertificateChainFile /etc/ssl/blissisit_com.ca-bundle
#SSLEngine On

#ErrorLog ${APACHE_LOG_DIR}/error.log
#CustomLog ${APACHE_LOG_DIR}/access.log combined
#</VirtualHost>


Any help is much appreciated! Thank you in advance.










share|improve this question














I am facing a problem with my SSL/443 port. I setup a website which is currently being hosted on Apache, port 80. I do have an SSL certificate and was able to redirect HTTP to HTTPS -- but after a while port 443 stops responding to requests and I have to revert back to using port 80. Somehow 443/HTTPS works for little bit and then stops working.



On the modem (Actiontec C2100T - CenturyLink) - I have both port 80 and 443 open. However when I check online if 443 is open, I get the following: Error: I could not see your service on 97.118.xx.xx. on port (443)



On the webserver (RasberryPi) - I ran an nmap scan:



Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-08 17:50 UTC
Nmap scan report for Unknown.domain (192.168.0.30)
Host is up (0.000051s latency).
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh (protocol 2.0)
80/tcp open http Apache httpd 2.4.25 ((Raspbian))
85/tcp open http Apache httpd 2.4.25 ((Raspbian))
443/tcp open ssl/https Apache/2.4.25 (Raspbian)


So I don't think it's the server -- but I could be wrong. Here is my Apache config as well. I've commented out VirtualHost 443 for now until I can figure out why the port becomes inactive after being initially configured.



<VirtualHost *:80>
ServerName blissisit.com
#ServerName localhost
ServerAlias www.blissisit.com
DocumentRoot /var/www/html

#Redirect permanent / https://blissisit.com/
#Redirect permanent / https://192.168.0.30/
</VirtualHost>

#<VirtualHost *:443>
#ServerName blissisit.com
#ServerAlias www.blissisit.com
#DocumentRoot /var/www/html
#SSLCertificateFile /etc/ssl/blissisit_com.crt
#SSLCertificateKeyFile /etc/ssl/private/blissisit.key
#SSLCertificateChainFile /etc/ssl/blissisit_com.ca-bundle
#SSLEngine On

#ErrorLog ${APACHE_LOG_DIR}/error.log
#CustomLog ${APACHE_LOG_DIR}/access.log combined
#</VirtualHost>


Any help is much appreciated! Thank you in advance.







linux networking apache-http-server ssl raspberry-pi






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Feb 8 at 21:59









PseudoremoraPseudoremora

11




11













  • Was this tested both internally and external?

    – Hefewe1zen
    Feb 8 at 23:02











  • Can you define the parameters of how you would test both internally and externally?

    – Pseudoremora
    Feb 8 at 23:35











  • You may want to explain your network set up. Do you have a firewall/router in place and is the server behind it?

    – Hefewe1zen
    Feb 8 at 23:49











  • Understood. Network wise -- I have a router an Actiontec C2100T from CenturyLink (basically a unit they provided as part of signing up with them). The firewall is disabled on the router. I've port forwarded port 443 and 80. The RasberryPi sits behind the router. There isn't anything special about the network at all. One router and the server plugs into it directly via Ethernet.

    – Pseudoremora
    Feb 8 at 23:56











  • So when it fails to connect, have you tried both the local IP and the public IP? Basically I want to eliminate the router as a potential problem. Also have you checked the apache logs?

    – Hefewe1zen
    Feb 9 at 0:03





















  • Was this tested both internally and external?

    – Hefewe1zen
    Feb 8 at 23:02











  • Can you define the parameters of how you would test both internally and externally?

    – Pseudoremora
    Feb 8 at 23:35











  • You may want to explain your network set up. Do you have a firewall/router in place and is the server behind it?

    – Hefewe1zen
    Feb 8 at 23:49











  • Understood. Network wise -- I have a router an Actiontec C2100T from CenturyLink (basically a unit they provided as part of signing up with them). The firewall is disabled on the router. I've port forwarded port 443 and 80. The RasberryPi sits behind the router. There isn't anything special about the network at all. One router and the server plugs into it directly via Ethernet.

    – Pseudoremora
    Feb 8 at 23:56











  • So when it fails to connect, have you tried both the local IP and the public IP? Basically I want to eliminate the router as a potential problem. Also have you checked the apache logs?

    – Hefewe1zen
    Feb 9 at 0:03



















Was this tested both internally and external?

– Hefewe1zen
Feb 8 at 23:02





Was this tested both internally and external?

– Hefewe1zen
Feb 8 at 23:02













Can you define the parameters of how you would test both internally and externally?

– Pseudoremora
Feb 8 at 23:35





Can you define the parameters of how you would test both internally and externally?

– Pseudoremora
Feb 8 at 23:35













You may want to explain your network set up. Do you have a firewall/router in place and is the server behind it?

– Hefewe1zen
Feb 8 at 23:49





You may want to explain your network set up. Do you have a firewall/router in place and is the server behind it?

– Hefewe1zen
Feb 8 at 23:49













Understood. Network wise -- I have a router an Actiontec C2100T from CenturyLink (basically a unit they provided as part of signing up with them). The firewall is disabled on the router. I've port forwarded port 443 and 80. The RasberryPi sits behind the router. There isn't anything special about the network at all. One router and the server plugs into it directly via Ethernet.

– Pseudoremora
Feb 8 at 23:56





Understood. Network wise -- I have a router an Actiontec C2100T from CenturyLink (basically a unit they provided as part of signing up with them). The firewall is disabled on the router. I've port forwarded port 443 and 80. The RasberryPi sits behind the router. There isn't anything special about the network at all. One router and the server plugs into it directly via Ethernet.

– Pseudoremora
Feb 8 at 23:56













So when it fails to connect, have you tried both the local IP and the public IP? Basically I want to eliminate the router as a potential problem. Also have you checked the apache logs?

– Hefewe1zen
Feb 9 at 0:03







So when it fails to connect, have you tried both the local IP and the public IP? Basically I want to eliminate the router as a potential problem. Also have you checked the apache logs?

– Hefewe1zen
Feb 9 at 0:03












1 Answer
1






active

oldest

votes


















0














Understanding the network topology goes a long way with nailing down these problems.



Is this server exposed to the internet (e.g. in the DMZ) or is in on a private network with ports forwarded? If the latter, when the server fails to respond, is it failing both externally and internally (e.g. with the servers local private IP)?
Confirm by testing both scenarios. Furthermore you can check the local loopback from the server.



Server logs can help as well. For apache these will be access.log and error.log. Location may vary by distro but generally located in var/log/apache/ or /var/log/apache2/ or /var/log/httpd/



Finally, you can try removing and re-adding the forwards, and possibly rebooting the modem/firewall. Also note that some ISPs do some trickery with their provided equipment as they may wish to deter non-business accounts from running servers.






share|improve this answer
























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "3"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1403692%2fssl-443-port-showing-as-closed-webserver-setup-apache-namecheap-dynamicdns%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    Understanding the network topology goes a long way with nailing down these problems.



    Is this server exposed to the internet (e.g. in the DMZ) or is in on a private network with ports forwarded? If the latter, when the server fails to respond, is it failing both externally and internally (e.g. with the servers local private IP)?
    Confirm by testing both scenarios. Furthermore you can check the local loopback from the server.



    Server logs can help as well. For apache these will be access.log and error.log. Location may vary by distro but generally located in var/log/apache/ or /var/log/apache2/ or /var/log/httpd/



    Finally, you can try removing and re-adding the forwards, and possibly rebooting the modem/firewall. Also note that some ISPs do some trickery with their provided equipment as they may wish to deter non-business accounts from running servers.






    share|improve this answer




























      0














      Understanding the network topology goes a long way with nailing down these problems.



      Is this server exposed to the internet (e.g. in the DMZ) or is in on a private network with ports forwarded? If the latter, when the server fails to respond, is it failing both externally and internally (e.g. with the servers local private IP)?
      Confirm by testing both scenarios. Furthermore you can check the local loopback from the server.



      Server logs can help as well. For apache these will be access.log and error.log. Location may vary by distro but generally located in var/log/apache/ or /var/log/apache2/ or /var/log/httpd/



      Finally, you can try removing and re-adding the forwards, and possibly rebooting the modem/firewall. Also note that some ISPs do some trickery with their provided equipment as they may wish to deter non-business accounts from running servers.






      share|improve this answer


























        0












        0








        0







        Understanding the network topology goes a long way with nailing down these problems.



        Is this server exposed to the internet (e.g. in the DMZ) or is in on a private network with ports forwarded? If the latter, when the server fails to respond, is it failing both externally and internally (e.g. with the servers local private IP)?
        Confirm by testing both scenarios. Furthermore you can check the local loopback from the server.



        Server logs can help as well. For apache these will be access.log and error.log. Location may vary by distro but generally located in var/log/apache/ or /var/log/apache2/ or /var/log/httpd/



        Finally, you can try removing and re-adding the forwards, and possibly rebooting the modem/firewall. Also note that some ISPs do some trickery with their provided equipment as they may wish to deter non-business accounts from running servers.






        share|improve this answer













        Understanding the network topology goes a long way with nailing down these problems.



        Is this server exposed to the internet (e.g. in the DMZ) or is in on a private network with ports forwarded? If the latter, when the server fails to respond, is it failing both externally and internally (e.g. with the servers local private IP)?
        Confirm by testing both scenarios. Furthermore you can check the local loopback from the server.



        Server logs can help as well. For apache these will be access.log and error.log. Location may vary by distro but generally located in var/log/apache/ or /var/log/apache2/ or /var/log/httpd/



        Finally, you can try removing and re-adding the forwards, and possibly rebooting the modem/firewall. Also note that some ISPs do some trickery with their provided equipment as they may wish to deter non-business accounts from running servers.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Feb 18 at 16:52









        Hefewe1zenHefewe1zen

        1,242912




        1,242912






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Super User!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1403692%2fssl-443-port-showing-as-closed-webserver-setup-apache-namecheap-dynamicdns%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            Сан-Квентин

            8-я гвардейская общевойсковая армия

            Алькесар