Page tree
Skip to end of metadata
Go to start of metadata

Troubleshooting the Apache web server setup

Problem
Users are unable to connect to Apache through a browser

Cause
Firewall configuration prevents access to the web server from client browsers

Resolution

  1. Temporarily disable the firewall for testing purposes.
    1. Log into lnxpb01 as root.

    2. Stop the iptables service. Type:
      > service iptables stop

      You should see output similar to the following:

      iptables: Flushing firewall rules: [ OK ]
      iptables: Setting chains to policy ACCEPT: filter [ OK ]
      iptables: Unloading modules: [ OK ]

      Disabling the firewall on your system will make it vulnerable to attacks. On an internal system, the risks are fairly low but you will want to ensure that you enable your firewall protection after you have completed your testing.


      The firewall has now been stopped. Attempt to access the system again to see if the problem has been resolved by this change.

  2. Try to connect via both http and https connections:
  3. Try pinging the server from your client machine.
    1. Launch the command prompt and run the following command:
      > ping lnxpb01

    2. Ensure that the httpd daemon is running on the Apache machine. Run the following command:
      > ps -ef |grep httpd

    3. Ensure that the http/https ports are open and listening on the Apache machine. Run the following command:
      > netstat -l |grep http

      You will see output similar to the following:

      tcp 0 0 :http *: LISTEN
      tcp 0 0 :https *: LISTEN

    4. Check the httpd access logs to see if the connection made it to the httpd daemon. Run the following command:
      > tail -f /var/local/usr/apache/logs/access_log

      You will see output similar to the following:

      10.7.92.208 - - [31/May/2012:11:57:02 -0700||] "GET / HTTP/1.1" 200 11313

Adding iptables info for Apache process

In this section, you will configure the firewall and define which services can be trusted.

  1. Log into lnxpb01 as root.

  2. Launch the system configuration tool for firewall. Run the following command:
    > system-config-firewall-tui

  3. Ensure the Enabled option is selected beside Firewall. Click Customize.


  4. Select Secure WWW (HTTPS) and WWW (HTTP) and click Close:


  5. Click OK.

  6. Click Yes.


  7. Verify the firewall is now running. Run the following command:
    > service iptables status

    You will see output similar to the following:

    Table: filter
    Chain INPUT (policy ACCEPT)
    num target prot opt source destination
    1 ACCEPT all – 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
    2 ACCEPT icmp – 0.0.0.0/0 0.0.0.0/0
    3 ACCEPT all – 0.0.0.0/0 0.0.0.0/0
    4 ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
    5 ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
    6 ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2049
    7 ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
    8 REJECT all – 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

    Chain FORWARD (policy ACCEPT)
    num target prot opt source destination
    1 REJECT all – 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

    Chain OUTPUT (policy ACCEPT)
    num target prot opt source destination

  8. Ports 80 and 443 are now open to accept incoming connections. This should allow for your end users to connect in to your system. Test this using one of the following the Web Server URLs:
  • No labels