Last week I got a call from a scared customer because he thought his website was hacked. When I looked up his website I saw the apache2
default page. That night my server (Ubuntu 16.04 LTS
) had upgraded and rebooted. Normally when something goes wrong I would've got alerted during the night. This time not, because the monitoring system checks for HTTP status code 200, and the apache2
default page comes with status code 200.
What happened is that during startup apache2
was faster to bind to port 80 and 443 than my actual webserver nginx. I did not install apache2 myself. Through aptitude why apache2
I found out the php7.0 package requires it.
Simply removing apache2
won't work because apparently php7.0 requires it. Is it somehow possible create a restriction so that only nginx is allowed to bind to port 80 and 443?
Other solutions are more than welcome too.
Best Answer
You can't prevent a port from being bound by the wrong service. In your case, just remove apache from autostart and you should be good.
For 16.04 and newer:
For older Ubuntu versions: