Hi, On a new install, on an OVH server, which was working fine for about 24 hours with websites and email I decided for added security I wanted to change the Hestia port.
Instead of amending the firewall port entry for the Hestia control panel, I added a new entry, exactly the same as the original line but with a different port (duh it’s been a long day). Immediately, the server stopped responding to any port request. I couldn’t even ssh in. From rescue disk I switched iptables off using the iptables command to generate an allow all config and rebooted.
I set data/firewall/rules.conf back to the default.
However, on reboot when the Hestia /etc/iptables.rules gets rebuilt, it still blocks ALL. Is there a Hestia iptables conf file I’m missing. It’s almost like its not reading the Hestia updated iptables.rules on reboot.
Any help will stop me tearing my hair out. Thanks
Hi,
You need to flush the iptables as well as accept the traffic by following command:
iptables-save | awk '/^[*]/ { print $1 } /^:[A-Z]+ [^-]/ { print $1 " ACCEPT" ; } /COMMIT/ { print $0; }' | iptables-restore
Regardless of any rules in the iptables or conf or whatsoever, if you flush the table rules in there, then it is empty.
This should be your first starting point.
Thereafter you need to see if there are other things in place that filters traffic, like external security mechanisms outside of your server (This would be most likely NOT the case). For e.g. OVH has a firewall before the server. If this is activated, then you need to open respective ports. Normally it is deactivated and allows all traffic. If you use Openstack Horizon panel, then check security groups in there. They should be by default open to all traffic, though.