Get the most out of your Centmin Mod LEMP stack
Become a Member

Can't open port

Discussion in 'System Administration' started by Jon Snow, Mar 12, 2021.

  1. Jon Snow

    Jon Snow Active Member

    614
    107
    43
    Jun 30, 2017
    Ratings:
    +165
    Local Time:
    7:36 PM
    Nginx 1.13.9
    MariaDB 10.1.31
    I'm trying to open a port but I'm not getting through.

    Using tools like the following to check by entering the server's IP:
    Open Port Check Tool - Test Port Forwarding on Your Router
    Port Checker - Check Open Ports Online

    I've added the port to CSF (TCP & UDP + restart) and I've also tried disabling CSF. Didn't work, so I figure there might be something else blocking the port? Maybe my host?

    Any other idea how to open this port? I'll contact my host just in case.
     
  2. Jon Snow

    Jon Snow Active Member

    614
    107
    43
    Jun 30, 2017
    Ratings:
    +165
    Local Time:
    7:36 PM
    Nginx 1.13.9
    MariaDB 10.1.31
    They said they're no blocking the port.
     
  3. eva2000

    eva2000 Administrator Staff Member

    46,427
    10,551
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,371
    Local Time:
    8:36 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
  4. Jon Snow

    Jon Snow Active Member

    614
    107
    43
    Jun 30, 2017
    Ratings:
    +165
    Local Time:
    7:36 PM
    Nginx 1.13.9
    MariaDB 10.1.31
    Code (Text):
    egrep '^TCP_|^TCP6_|^UDP_|^UDP6_' /etc/csf/csf.conf
    TCP_IN = "20,21,22,25,53,80,110,143,161,443,465,587,993,995,1110,1186,1194,8083,81,9418,30001:50011"
    TCP_OUT = "2525,465,1110,1194,9418,20,21,22,25,53,80,110,113,443,587,993,995,8083"
    UDP_IN = "67,68,1110,33434:33534,20,21,53,8083"
    UDP_OUT = "67,68,1110,33434:33534,20,21,53,113,123,8083"
    TCP6_IN = "20,21,22,25,53,80,110,143,161,443,465,587,993,995,1110,1186,1194,81,9418,30001:50011"
    TCP6_OUT = "2525,465,20,21,22,25,53,80,110,113,443,587,993,995"
    UDP6_IN = "20,21,53"
    UDP6_OUT = "20,21,53,113,123"
    
     
  5. eva2000

    eva2000 Administrator Staff Member

    46,427
    10,551
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,371
    Local Time:
    8:36 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    is the port you want opened listed in comma separated list i.e. 8083 ? if so then that is correct

    just make sure you restarted CSF Firewall after editing /etc/csf/csf.conf
    Code (Text):
    csf -ra


    also instead of online port testings which can be wrong, tried manually checking or connecting to that port you've whitelisted to see

    also some VPS hosts have their own firewall in front i.e. Google Cloud, Amazon EC2 and optionally with DigitalOcean, Vult and soon Linode so if you have them enabled they would need whitelisting too.
     
  6. Jon Snow

    Jon Snow Active Member

    614
    107
    43
    Jun 30, 2017
    Ratings:
    +165
    Local Time:
    7:36 PM
    Nginx 1.13.9
    MariaDB 10.1.31
    I've done that after editing, but I've just done it again.
    Code (Text):
    telnet server-IP 8083
    Connecting To server-IP...Could not open connection to the host, on port 8083: Connect failed


    Code (Text):
    telnet domain.com 8083
    Connecting To domain.com...Could not open connection to the host, on port 8083: Connect failed

    Tried from my local computer this time and it didn't work.
    Linode already confirmed that they're not blocking the port.
     
  7. eva2000

    eva2000 Administrator Staff Member

    46,427
    10,551
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,371
    Local Time:
    8:36 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    That is a connnection failed message not connection refused. Firewall blocked ports usually would give connection refused. Connection failed is because there is no running service on the connection/port you specified i.e. port 8083 on server has no running service. What are you running on port 8083 ? And is that service configured to allow external connections or restricted to localhost/127.0.0.1 so not allowing external connections.