I am trying to run an apache web server on RH7.1 via a cable modem. At one point, I was able to get to it from the outside, but I can't now. I have the domain name pointing to my IP, so I know that's not the problem. Besides, last week I could get the site sometimes - sometimes it worked and sometimes it didn't. I can ping the site with both www.mysite.com (http://www.mysite.com) and the IP address (internally and from the Internet).

I ran a port scan and it shows port 80 being open on the internal network, but it doesn't show it open from outside the network. I know all the web files are in the right place cause I can go to www.mysite.com (http://www.mysite.com) from the internal network.

I flushed the ipchains and entered the following:

echo 1 > /proc/sys/net/ipv4/ip_forward
ipchains -A forward -i eth0 -j MASQ
ipchains -P forward DENY
/etc/rc.d/init.d/xinetd restart

I can get out fine from my internal network and can see the website internally, I just can't view the site from the Internet.

Also, I know I need to get a better firewall and probably use IPTABLES, but I'm just trying to get this site up fairly fast in order to get some pictures to my friends.

I think I need a definition to open up port 80, but I can't find a simple one. Any ideas?

Thanks

It is possible that your cable provider has blocked all external access to port 80 in an atempt to stop the spread of red worm.

A good way to test this is by turning on telnet and httpd. Telnet to the computer on the normal telnet port. Now try telneting to port 80. If you can telnet to the telnet port, but not to the http port, then it's likely that it's blocked.

Also, if you know someone near you who also has cable, get them to check if they're blocked or not.

You might want to try moving apache to a different port (like 8080 for example). I think you just have to tell it chage the httpd.conf file so it has "Listen 8080", or maybe "Port 8080", or maybe both.

Well, I tried changing to port 8080, but that didn't help. I also turned on telnet, and I could telnet into both. Any more suggestions?

Thanks

You dont need to turn on telnet in order to telnet to ports. Also, I would turn that off ASAP, esp. if you are on cable.

just an F.Y.I...if you plan on servicing a high number of users on your site you wont have much luck with the cable modem...cable modems have high downstream speeds...but upstream is very slow....and thats what you need for web serving....also your cable provider may not like it very much....just an F.Y.I from someone who has lived it.

I found out the problem is port 80 is turned off. The web page I'm running won't be a big page that is accessed by many. It's just a small, simple page that may be hit a couple times per day.

I tried changing to port 8080, but I couldn't get that to work. Here's how I did it.

/etc/httpd/conf/httpd.conf I changed Listen 80 to Listen 8080.

Is this the only change I need to make. Keep in mind that it worked last week before they stopped port 80. Plus, I can view the page internally, and port 80 is open when I do an internal scan, but not when I do an external scan.

Originally posted by Stoney:
<STRONG>and port 80 is open when I do an internal scan, but not when I do an external scan.</STRONG>

Then it's blocked either by your ISP or by your firewall.

You say you tried changing the Apache port to 8080. Did you remember to restart Apache after doing that? If so, port 80 shouldn't be showing as open anymore.