Port 443 not working on EC2 Plesk and not able to install license

0

There is a serious server fault in EC2,

sudo netstat -nupt -l

shows

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 172.31.40.53:53         0.0.0.0:*               LISTEN      1304/named      
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      1304/named      
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1445/sshd       
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      1901/    
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      1304/named      
tcp        0      0 127.0.0.1:12346         0.0.0.0:*               LISTEN      1901/    
tcp        0      0 172.31.40.53:443        0.0.0.0:*               LISTEN      2043/nginx      
tcp        0      0 0.0.0.0:8443            0.0.0.0:*               LISTEN      1509/config     
tcp        0      0 0.0.0.0:4190            0.0.0.0:*               LISTEN      1315/dovecot    
tcp        0      0 127.0.0.1:12768         0.0.0.0:*               LISTEN      1405/psa-pc-remote
tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN      1315/dovecot    
tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN      1315/dovecot    
tcp        0      0 0.0.0.0:7080            0.0.0.0:*               LISTEN      2080/apache2    
tcp        0      0 0.0.0.0:7081            0.0.0.0:*               LISTEN      2080/apache2    
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      1315/dovecot    
tcp        0      0 127.0.0.1:783           0.0.0.0:*               LISTEN      1966/perl       
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      1315/dovecot    
tcp        0      0 172.31.40.53:80         0.0.0.0:*               LISTEN      2043/nginx      
tcp        0      0 0.0.0.0:8880            0.0.0.0:*               LISTEN      1509/config     
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN      1901/    
tcp6       0      0 :::21                   :::*                    LISTEN      1630/xinetd     
tcp6       0      0 :::53                   :::*                    LISTEN      1304/named      
tcp6       0      0 :::22                   :::*                    LISTEN      1445/sshd       
tcp6       0      0 :::25                   :::*                    LISTEN      1901/    
tcp6       0      0 :::8443                 :::*                    LISTEN      1509/config     
tcp6       0      0 :::4190                 :::*                    LISTEN      1315/dovecot    
tcp6       0      0 :::993                  :::*                    LISTEN      1315/dovecot    
tcp6       0      0 :::995                  :::*                    LISTEN      1315/dovecot    
tcp6       0      0 :::3306                 :::*                    LISTEN      1409/mysqld     
tcp6       0      0 :::106                  :::*                    LISTEN      1630/xinetd     
tcp6       0      0 :::110                  :::*                    LISTEN      1315/dovecot    
tcp6       0      0 :::143                  :::*                    LISTEN      1315/dovecot    
tcp6       0      0 :::8880                 :::*                    LISTEN      1509/config     
tcp6       0      0 :::465                  :::*                    LISTEN      1901/    
udp        0      0 172.31.40.53:53         0.0.0.0:*                           1304/named      
udp        0      0 127.0.0.1:53            0.0.0.0:*                           1304/named      
udp        0      0 0.0.0.0:68              0.0.0.0:*                           1075/dhclient   
udp6       0      0 :::53                   :::*                                1304/named 

Port 443 is blocked and not working

I have tried everything


sudo a2enmod ssl
sudo a2ensite default-ssl
sudo /etc/init.d/apache2 restart

Also ufw 443 is also not working

My security groups configuration for 443 is for inbound and outbound

Ec2 groups configuration

Please help!! Also note that I am not able to install anything via apt as well as it stucks from 0% installation

Manish
asked 3 months ago246 views
1 Answer
2

Hello.

Is HTTPS allowed in EC2's security group inbound rules?
Also, is HTTPS allowed in the network ACL of the subnet where EC2 is launched?
Also, check that HTTPS is not blocked by the firewall settings of the EC2 OS.
Once you have confirmed this, please make sure that the web server settings are set to listen on HTTPS.

profile picture
EXPERT
answered 3 months ago
profile picture
EXPERT
reviewed 3 months ago
  • The issue looks like in firewall-cmd

    When I use this command :

    sudo netstat -tulpn | grep :443 It gives output tcp 0 0 172.31.40.53:443 0.0.0.0:* LISTEN 5138/nginx

    I can not use the firewall-cmd command as firewalld is not installed and can not able to install it as it shows only this

    apt install firewalld Reading package lists... Done Building dependency tree
    Reading state information... Done The following additional packages will be installed: ebtables python3-decorator python3-selinux python3-slip python3-slip-dbus The following NEW packages will be installed: ebtables firewalld python3-decorator python3-selinux python3-slip python3-slip-dbus 0 upgraded, 6 newly installed, 0 to remove and 85 not upgraded. Need to get 624 kB of archives. After this operation, 4,025 kB of additional disk space will be used. Do you want to continue? [Y/n] Y 0% [Connecting to us-east-1.ec2.archive.ubuntu.com (52.207.133.243)]

    and then timeout

  • ACL tables have added htttps rule in inblud and outbound , so that one is ok. Need to fix the issue with firewall , can you help how to access firewall without commandline and also without plesk , as plesk is expired.

  • The subnet's network ACL is stateless inspection and must allow return communication. Therefore, you need to allow well-known ports in the inbound and outbound rules as shown below. a

    a

  • I hav edited my question, Also Network ACL's are done as per you as well with inbound and outbound rules.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions