I'm unable to hit my server from a browser on another machine (it gives a 'connection has timed out' error), although typing http://localhost
or http://my-ip-here
works from the browser within the machine. I can ping and ssh into the server from other machines; it just seems like apache is rejecting the port-80 browser connections.
What can I do to further diagnose/fix this problem? Thanks in advance for your help.
edit: there is no firewall. This is my default site:
keone@kserver:/etc/apache2/sites-enabled$ ls -l
total 0
lrwxrwxrwx 1 root root 26 2010-12-16 15:20 000-default -> ../sites-available/default
keone@kserver:/etc/apache2/sites-available$ cat default
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/manual
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
also, this and this post seems to verify no firewall:
keone@kserver:/etc/apache2$ sudo /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
keone@kserver:/etc/apache2$ sudo /sbin/iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Best Answer
It might also he helpful to run tcpdump on both the client and the server and see if the packets are getting through
typical switches: tcpdump -i -n -p port 80
-n = don't resolve hostnames -p = non-promiscuous mode
Another thing to check is the listen directives in your apache config, try: grep -ir listen /etc/httpd/ thise should be something like *:80 or one each for your ip-address:80