Opening port 80 EC2 Amazon web services [closed]

4

187

I've opened port 80 in the web console on my EC2 instance's security group but I still can't access it via the public DNS in the browser.

Any ideas?

Omar answered 15/2, 2011 at 13:22 Comment(0)
373

This is actually really easy:

  • Go to the "Network & Security" -> Security Group settings in the left-hand navigation
  • Find the Security Group that your instance is a part of
  • Click on Inbound Rules
  • Use the drop down and add HTTP (port 80)
  • Click Apply and enjoy
Quire answered 4/5, 2012 at 19:3 Comment(13)
He did mention that he's opened the port in the security group already, but it should be as easy as this... - Mythology
Question was not answered, port 80 is open as the question states - Santee
This helped us big time, the apply button is a little bit hidden, you have to scroll down to find it. - Nth
I have already done this too, and it still doesn't work. - Soper
I also didn't see the apply button way down there. - Urochrome
Also, check your firewall (as nsof stated). RHEL has iptables started by default. Windows has Windows FW. Turn them off and see if that was the problem. If it was, then edit the firewall to allow 80/443 and restart. - Dreeda
Do I need to restart something? I added the rule on my proxy on EC2, but I can't access the port. - Fedak
@Kefka late to the party but you shouldn't need to restart. Just remember to add the specific port in the rule. I thought I had to restart myself, but even after like 4 restarts it still wasn't being accessed; only after I put some thought into it did I realize that port 3000 had to be opened, not HTTP, which is port 80. Hope that helps. - Counterproof
@Counterproof that is correct, there needs to be no restart. This question is specific to a web server talking over port 80 (Apache default, for example) but it goes the same for anything else. If you have some fancy JS app that runs on 3000, you should add that instead. Ports for the win! - Quire
Make sure to allow ssh - I was locked out because apparently setting one allow rule deletes a default that allows ssh (guessing here). Once I allowed ssh I was able to get back in. Also note that your existing connections will be killed. - Adlay
Check your firewall and add a rule for the ports you intend to use. - Lobule
If you have already added HTTP (port 80) to your server's Security Group but port 80 is still closed, try adding the following lines: /sbin/iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT ; /sbin/iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT ; /sbin/iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080 - Tabescent
youtube.com/watch?v=P8fdyyQjPuc - Ferrer
23

Some quick tips:

  1. Disable the inbuilt firewall on your Windows instances.
  2. Use the IP address rather than the DNS entry.
  3. Create a security group for tcp ports 1 to 65000 and for source 0.0.0.0/0. It's obviously not to be used for production purposes, but it will help avoid the Security Groups as a source of problems.
  4. Check that you can actually ping your server. This may also necessitate some Security Group modification.
Rackety answered 15/2, 2011 at 16:2 Comment(5)
Er - I'd strongly recommend NOT disabling the Windows Firewall on an EC2 instance, ever. However, Server 2008 automatically keeps Port 80 closed by default, so you will need to add (or activate) the Port 80 'allow' rule. - Subulate
I should have added that all steps above are really for debugging the issue, but then you should revert back to whatever is appropriate for your setup. - Rackety
I agree with Jonners, especially if it's a Windows box: any internet accessible box is liable to be portscanned by blackhats and script kiddies, even if naked to the internet for only a short time. "Reverting back", then continuing to use the potentially compromised server is a no-no for production use. Instead, burn the instance in the fires of hell and start a new one. - Mythology
About the "disabling windows firewall", I had the same question, about if I should do that or not. Then, I found a clear response from Amazon. "We recommend that you disable Windows Firewall and control access to your instance using security group rules." docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/… - Rexrexana
I was trying to access a Flask web server from the public IP address of an EC2 instance using the port I had forwarded. When the Flask server was running it indicated that the port was open, since nmap -v -p 80 127.0.0.1 output 80/tcp open upnp, and I had disabled the firewall with sudo ufw disable. I found the reason why it wasn't working was actually because I failed to read the Flask web server documentation, which required it be run with flask run --host=0.0.0.0, where the flag --host=0.0.0.0 makes it an "Externally Visible Server": flask.palletsprojects.com/en/2.2.x/quickstart - Trass
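The last comment describes a server that answers on 127.0.0.1 but not on the public address because it is bound to loopback only; no security group or firewall change fixes that. As an added example (not part of the original thread), the hypothetical helper `listen_scope` reads `ss -ltn` output and reports how a port is bound, run here on a constructed sample:

```shell
#!/bin/sh
# Added example (not from the thread). Usage on the instance: ss -ltn | listen_scope 80
# Prints: none (nothing listening), loopback (127.0.0.0/8 or ::1 only, so
# unreachable from outside), or external (wildcard or non-loopback address).
listen_scope() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            addr = $4                          # Local Address:Port column
            n = split(addr, parts, ":")
            if (parts[n] != port) next         # different port
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            if (host ~ /^127\./ || host == "[::1]") {
                if (scope == "") scope = "loopback"
            } else {
                scope = "external"
            }
        }
        END { if (scope == "") scope = "none"; print scope }
    '
}

# Constructed sample of `ss -ltn` output: the web app is bound to 127.0.0.1:80.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128        127.0.0.1:80        0.0.0.0:*
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      511             [::]:8080         [::]:*'

for p in 80 22 8080 3000; do
    printf 'port %s: %s\n' "$p" "$(printf '%s\n' "$SAMPLE_SS" | listen_scope "$p")"
done
```

A result of `loopback` or `none` means the application's bind address or port is the problem, and the security group can be left as narrow as it was.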
16
  1. Check what security group you are using for your instance. See value of Security Groups column in row of your instance. It's important - I changed rules for default group, but my instance was under quickstart-1 group when I had similar issue.
  2. Go to Security Groups tab, go to Inbound tab, select HTTP in Create a new rule combo-box, leave 0.0.0.0/0 in source field and click Add Rule, then Apply rule changes.
Agreement answered 1/8, 2012 at 9:19 Comment(1)
For step one, I didn't see a Security Groups column, but under Actions->Networking->Change Security Groups, I am able to see which group the instance is under. - Groceryman
12

For those of you using CentOS (and perhaps other Linux distributions), you need to make sure that its FW (iptables) allows for port 80 or any other port you want.

See here on how to completely disable it (for testing purposes only!). And here for specific rules

Ardin answered 21/5, 2013 at 14:18 Comment(1)
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT is the rule you could add to /etc/sysconfig/iptables - Spadiceous
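iptables evaluates rules in order and stops at the first match, so where a ruleset ends in a catch-all REJECT, an ACCEPT rule added with `-A` (append) lands after it and is never reached. As an added example (not from the thread), the hypothetical helper `rule_verdict` reads `iptables -S INPUT` output and reports whether the ACCEPT for a port is actually reachable; both rulesets below are constructed samples:

```shell
#!/bin/sh
# Added example (not from the thread). Usage: iptables -S INPUT | rule_verdict 80
# Prints: accepted  (an ACCEPT for tcp/PORT is reached before any catch-all),
#         shadowed  (the ACCEPT exists but sits after a catch-all REJECT/DROP),
#         blocked   (catch-all present, no ACCEPT for PORT), or policy-<P>.
# Assumption: only unconditional "-A INPUT -j REJECT|DROP" counts as catch-all;
# interface and source matches on the ACCEPT rule are not evaluated.
rule_verdict() {
    awk -v port="$1" '
        $1 == "-P" && $2 == "INPUT" { policy = $3; next }
        $1 != "-A" || $2 != "INPUT" { next }
        {
            line = $0 " "
            is_accept = index(line, " -p tcp ") && index(line, " --dport " port " ") && index(line, " -j ACCEPT ")
            is_catchall = ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP"))
            if (is_accept) { verdict = blocked ? "shadowed" : "accepted"; exit }
            if (is_catchall) blocked = 1
        }
        END {
            if (verdict == "") verdict = blocked ? "blocked" : "policy-" policy
            print verdict
        }
    '
}

# Constructed ruleset: the port 80 rule was appended with -A after the REJECT.
APPENDED='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT'

# Same rules with the port 80 line from the comment above placed before the REJECT.
ORDERED='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

printf 'appended: %s\n' "$(printf '%s\n' "$APPENDED" | rule_verdict 80)"
printf 'ordered:  %s\n' "$(printf '%s\n' "$ORDERED" | rule_verdict 80)"
```

A `shadowed` result means the rule has to move above the catch-all line (in /etc/sysconfig/iptables, or by inserting with `-I` instead of appending) rather than the firewall being switched off.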
