let me reboot now.
I haven't, but when I ran:
sudo service iptables save
it gave me:
iptables: unrecognized service
these commands worked fine:
root@lenovo-server:/etc/apache2/sites-available# sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT
root@lenovo-server:/etc/apache2/sites-available# sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
root@lenovo-server:/etc/apache2/sites-available# ufw status
Status: inactive
so the firewall isn't even on.
rg305
August 30, 2022, 5:59am
45
iptables --list
I suspect that if you have both a drop and an accept, the drop might come first.
2 Likes
rg305
August 30, 2022, 6:02am
46
Just for clarity: ufw and iptables are both firewalls [but not the SAME firewall]
sudo apt-get install ufw
sudo apt-get install iptables
2 Likes
Ah, OK. Yeah, so UFW isn't enabled. iptables --list returned this:
george@lenovo-server:~$ sudo su
[sudo] password for george:
root@lenovo-server:/home/george# iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Looks like my iptables rules for 80 and 443 didn't take effect.
rg305
August 30, 2022, 6:04am
49
hmm...
So, what is blocking/stopping the HTTPS requests?
Let's recheck the port forwarding.
2 Likes
80 and 443 port forwarded to internal server ip with TCP. Triple checked.
Maybe router NAT filtering, or misconfigured apache2.conf?
rg305
August 30, 2022, 6:07am
51
Four eyes are better than two.
Can I see?
What does this show:
netstat -pant | grep -i listen | grep apache
2 Likes
SO WEIRD
root@lenovo-server:/home/george# netstat -pant | grep -i listen | grep apache
tcp6 0 0 :::80 :::* LISTEN 772/apache2
only port 80 is open. There has to be some firewall rule disabling port 443, or apache2.conf is not set to use it.
rg305
August 30, 2022, 6:11am
53
443 isn't listening.
Show:
apachectl -t -D DUMP_VHOSTS
2 Likes
root@lenovo-server:/etc/apache2# apachectl -t -D DUMP_VHOSTS
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:80 is a NameVirtualHost
default server www.techmasterdesign.com (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost www.techmasterdesign.com (/etc/apache2/sites-enabled/000-default.conf:1)
alias techmasterdesign.com
port 80 namevhost groupfinder.cc (/etc/apache2/sites-enabled/groupfinder.conf:1)
alias www.groupfinder.cc
port 80 namevhost wavebuddha.com (/etc/apache2/sites-enabled/wavebuddha.conf:1)
alias www.wavebuddha.com
rg305
August 30, 2022, 6:12am
55
That shows it only listening on port 80.
Did you a2ensite?
show:
ls -l /etc/apache2/sites-enabled/
2 Likes
I did
lrwxrwxrwx 1 root root 35 Aug 29 20:40 000-default.conf -> ../sites-available/000-default.conf
lrwxrwxrwx 1 root root 42 Aug 29 22:36 000-default-le-ssl.conf -> ../sites-available/000-default-le-ssl.conf
lrwxrwxrwx 1 root root 35 Aug 29 21:10 groupfinder.conf -> ../sites-available/groupfinder.conf
lrwxrwxrwx 1 root root 34 Aug 29 21:10 wavebuddha.conf -> ../sites-available/wavebuddha.conf
rg305
August 30, 2022, 6:13am
57
Did you restart apache?
Show:
ls -l /etc/apache2/sites-available/
2 Likes
the whole server and apache yeah lol
maybe I didn't enable the ssl module in apache: ()
3 Likes
rg305
August 30, 2022, 6:15am
60
show:
ls -l /etc/apache2/sites-available/
2 Likes
rg305
August 30, 2022, 6:16am
61
Maybe you need to remove the IF wrapper:
2 Likes