I have a problem where apparently I can only get to ports 80 and 443 on my home Ubuntu server from inside my ISP's firewall. I can reach my home web server from my house, I can reach it from my employer who also uses the same ISP, but nobody else in the world can reach http://www.enchanter.net (or https). All other ports on my server appear to be reachable (email, my Docker server running Valheim, &c.) I've contacted my ISP and they say they are not blocking any ports to me. I have not set up any firewall on my home server. "ufw status" says "inactive".
So, first question: how can I figure out where I'm being blocked? How exactly do I figure out if my ISP has some firewall block that's preventing people from getting to my home web server, or whether it's some wrong setting on Ubuntu?
Second question: is there a way that I can get a certbot renewal without certbot having to connect in to my server (for now)?
My domain is:
I ran this command:
It produced this output:
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Detail: 220.127.116.11: Fetching http://enchanter.net/.well-known/acme-challenge/6UTZjRFbe42EHHiGUUb7-KwSwOu9ms4zzotpzi62NVI: Timeout during connect (likely firewall problem)
Detail: 18.104.22.168: Fetching http://www.enchanter.net/.well-known/acme-challenge/_RDGPKot5cxbRWX774Nspho55AbboY8stZ2DmStku5g: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
Ubuntu 20.04.4 LTS
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):