No outbound connections for apache2

apache-2.2

I'm unable to hit my server from a browser on another machine (it gives a 'connection has timed out' error), although typing http://localhost or http://my-ip-here works from the browser within the machine. I can ping and ssh into the server from other machines; it just seems like apache is rejecting the port-80 browser connections.

What can I do to further diagnose/fix this problem? Thanks in advance for your help.

edit: there is no firewall. This is my default site:

keone@kserver:/etc/apache2/sites-enabled$ ls -l
total 0
lrwxrwxrwx 1 root root 26 2010-12-16 15:20 000-default -> ../sites-available/default

keone@kserver:/etc/apache2/sites-available$ cat default
<VirtualHost *:80>
    ServerAdmin webmaster@localhost

    DocumentRoot /var/www/manual
    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>
    <Directory /var/www/>
        Options FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
    </Directory>

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    <Directory "/usr/lib/cgi-bin">
        AllowOverride None
        Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
        Order allow,deny
        Allow from all
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/access.log combined

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

</VirtualHost>

also, this and this post seems to verify no firewall:

keone@kserver:/etc/apache2$ sudo /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
keone@kserver:/etc/apache2$ sudo /sbin/iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Best Answer

It might also he helpful to run tcpdump on both the client and the server and see if the packets are getting through

typical switches: tcpdump -i -n -p port 80

-n = don't resolve hostnames -p = non-promiscuous mode

Another thing to check is the listen directives in your apache config, try: grep -ir listen /etc/httpd/ thise should be something like *:80 or one each for your ip-address:80

Related Topic