Does HestiaCP have it's own Firewall?

Community Support
1

Hi,
I am getting a refused connection on port 8080

root@expressresponse:/# telnet localhost 8080
Trying ::1...
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused

So I looked at the ubuntu firewall - ufw

root@expressresponse:/# ufw status
Status: inactive

Hence my question above …
Is HespiaCP managing the Firewall ?
If so, where to I look ate the ports and open/close them ?

Thanks

2

Hestia uses Iptables as firewall

3

It appears that Apache is not set to listen on port 8080 for the localhost.

Result from :
root@expressresponse:/# ss -tnlp | grep apache2


LISTEN 0      511                        94.46.186.222:8443        0.0.0.0:*     users:(("apache2",pid=1317208,fd=8),("apache2",pid=1317207,fd=8),("apache2",pid=1317206,fd=8),("apache2",pid=1100013,fd=8))
LISTEN 0      511                       78.157.211.222:8443        0.0.0.0:*     users:(("apache2",pid=1317208,fd=6),("apache2",pid=1317207,fd=6),("apache2",pid=1317206,fd=6),("apache2",pid=1100013,fd=6))
LISTEN 0      511                       78.110.163.102:8443        0.0.0.0:*     users:(("apache2",pid=1317208,fd=4),("apache2",pid=1317207,fd=4),("apache2",pid=1317206,fd=4),("apache2",pid=1100013,fd=4))
LISTEN 0      511                        94.46.186.222:8080        0.0.0.0:*     users:(("apache2",pid=1317208,fd=9),("apache2",pid=1317207,fd=9),("apache2",pid=1317206,fd=9),("apache2",pid=1100013,fd=9))
LISTEN 0      511                       78.157.211.222:8080        0.0.0.0:*     users:(("apache2",pid=1317208,fd=7),("apache2",pid=1317207,fd=7),("apache2",pid=1317206,fd=7),("apache2",pid=1100013,fd=7))
LISTEN 0      511                       78.110.163.102:8080        0.0.0.0:*     users:(("apache2",pid=1317208,fd=5),("apache2",pid=1317207,fd=5),("apache2",pid=1317206,fd=5),("apache2",pid=1100013,fd=5))
LISTEN 0      511                            127.0.0.1:8081        0.0.0.0:*     users:(("apache2",pid=1317208,fd=3),("apache2",pid=1317207,fd=3),("apache2",pid=1317206,fd=3),("apache2",pid=1100013,fd=3))
root@expressresponse:/#

How would I change that using HespiaCP ?

4

I have opened port 8085

HestiaCP-06
HestiaCP-061133×851 62.5 KB

and
service hestia restart
service apache2 restart

and
cat /home/dave/conf/web/gldn.page/apache2.conf

<VirtualHost 127.0.0.1:8085>

    ServerName localhost

    DocumentRoot /home/dave/web/gldn.page/public_html
    ScriptAlias /cgi-bin/ /home/dave/web/gldn.page/cgi-bin/
    Alias /vstats/ /home/dave/web/gldn.page/stats/
    Alias /error/ /home/dave/web/gldn.page/document_errors/
    #SuexecUserGroup dave dave
    CustomLog /var/log/apache2/domains/gldn.page.bytes bytes
    CustomLog /var/log/apache2/domains/gldn.page.log combined
    ErrorLog /var/log/apache2/domains/gldn.page.error.log

    IncludeOptional /home/dave/conf/web/gldn.page/apache2.forcessl.conf*

    <Directory /home/dave/web/gldn.page/stats>
        AllowOverride All
    </Directory>
    <Directory /home/dave/web/gldn.page/public_html>
        AllowOverride All
        Options +Includes -Indexes +ExecCGI
    </Directory>

    <FilesMatch \.php$>
        SetHandler "proxy:unix:/run/php/php8.0-fpm-gldn.page.sock|fcgi://localhost"
    </FilesMatch>
    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0

    IncludeOptional /home/dave/conf/web/gldn.page/apache2.conf_*
    IncludeOptional /etc/apache2/conf.d/*.inc
</VirtualHost>

BUT still the port is not listening

root@expressresponse:~# ss -tnlp | grep apache2
LISTEN    0         511           94.46.186.222:8080            0.0.0.0:*        users:(("apache2",pid=75104,fd=9),("apache2",pid=75103,fd=9),("apache2",pid=75102,fd=9),("apache2",pid=75101,fd=9))
LISTEN    0         511          78.157.211.222:8080            0.0.0.0:*        users:(("apache2",pid=75104,fd=7),("apache2",pid=75103,fd=7),("apache2",pid=75102,fd=7),("apache2",pid=75101,fd=7))
LISTEN    0         511          78.110.163.102:8080            0.0.0.0:*        users:(("apache2",pid=75104,fd=5),("apache2",pid=75103,fd=5),("apache2",pid=75102,fd=5),("apache2",pid=75101,fd=5))
LISTEN    0         511               127.0.0.1:8081            0.0.0.0:*        users:(("apache2",pid=75104,fd=3),("apache2",pid=75103,fd=3),("apache2",pid=75102,fd=3),("apache2",pid=75101,fd=3))
LISTEN    0         511           94.46.186.222:8443            0.0.0.0:*        users:(("apache2",pid=75104,fd=8),("apache2",pid=75103,fd=8),("apache2",pid=75102,fd=8),("apache2",pid=75101,fd=8))
LISTEN    0         511          78.157.211.222:8443            0.0.0.0:*        users:(("apache2",pid=75104,fd=6),("apache2",pid=75103,fd=6),("apache2",pid=75102,fd=6),("apache2",pid=75101,fd=6))
LISTEN    0         511          78.110.163.102:8443            0.0.0.0:*        users:(("apache2",pid=75104,fd=4),("apache2",pid=75103,fd=4),("apache2",pid=75102,fd=4),("apache2",pid=75101,fd=4))
root@expressresponse:~#
  • what have I missed ?

root@expressresponse:~# telnet localhost 8085
Trying ::1...
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
5

The answer to this problem was fairly simple …

In the /etc/apache2/ports.conf file

add a line so it reads

# Powered by hestia
listen 8085

Hope that helps others