Can’t verify ufw status prior to set nginx as a reverse proxy

Discussion in 'Installation/Configuration' started by Keoz, Dec 5, 2020.

  1. Keoz

    Keoz Member

    Machine : remote VPS SSD 2
    OS distro : ubuntu 18.04
    Cpanel : ISPConfig 3 (apache2)

    I am trying to gain skills upon configuring Nginx as a web server and reverse proxy for Apache :

    I need to know if any ISPConfig setting may help to solve an issue I am facing while trying to make a required verification. In the case, on step 4 of the tutorial, I am instruct to verify ufw status on Apache web server, but I can’t do it because :

    Command line “ufw status“ outputs “Status: inactive“

    So, I went on enable things with command line “ufw enable“ that outputs “Firewall is active and enabled on system startup“, and then retried a verification, but command line “ufw status“ keeps outputing “Status: inactive“ ! Finaly, because of enabling ufw, my ssh connection was disrupted, and I had to reinstall all my test environment : VPS, Ubuntu, and ISPConfig.

    May ISPConfing help to make such ufw status verification (maybe out of ssh connection…) in a way that avoids ssh connection disruption ?

  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    I think you must enable ufw and then configure it before it does anything.
  3. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    You should allow ssh access as well as access to ispconfig before enabling ufw. You can j
    leave it disabled until after you set the ports in ispconfig, and enable it afterwards.
  4. Keoz

    Keoz Member

    I did enable ufw, and I supposed that it has default configuation already, consequently to ISPConfg installation.
    What I want is to view this default coniguration, but I can't for reasons already explained :

    I may not know what further ufw configuration could match certain requirements (e.g. for app to be installed), if I dont know the initial ufw configuration that comes with ISPConfig installation.

    So I need help to have the command line “ufw status“ outputing the default ufw status !

  5. Keoz

    Keoz Member

    This reply is somehow unclear to me : what should I do, and how and where from can I do it using ISPConfing panel please ?
  6. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    There are no services allowed be default, ie. no default configuration. Also, ufw is not enabled be default.
  7. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    Add the ports to open in the panel, before you enable ufw. Or at least allow ssh and web ports (including 8080 is you use it).
  8. Keoz

    Keoz Member

    If http://IPADDRESS:8080 allow to access the login page for ISPConfig, does this not mean that port 8080 is open by default, also meaning that some related ufw configuration is set too ?
  9. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    Yes, port 8080 is allowed, as is every other port. There is no configuration by default, the firewall is disabled. If you enable the firewall, there are no ports allowed by default, you must explicitly allow those you need.
  10. Keoz

    Keoz Member

    I create a new thread, since I collected informations from AzuraCast app support that brings me to reformulate my help request with more details :

Share This Page