如何为 vps http 和 https 打开 jelastic 防火墙?
how to open jelastic firewall for vps http and https?
我在 jelastic 主机上有一个 vps 到 运行 一个带有 nginx 反向代理的节点 js 应用程序。
在没有 jelastic 防火墙的情况下,运行宁可顺利进行。
如果我激活防火墙并为 http 和 https 设置规则,该网站将被阻止。我怎样才能打开防火墙,让用户可以浏览我的应用程序?
这是我的防火墙规则的图片
iptables -nvL 还打印:
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:443
netsta -nlapt 打印:
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 250/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 447/sshd: /usr/sbin
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 6754/nginx: master
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/init
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 6754/nginx: master
tcp 0 0 185.131.52.12:22 222.186.42.7:50138 ESTABLISHED 16531/sshd: root [p
tcp 0 0 10.101.3.228:33424 10.101.3.160:27017 ESTABLISHED 7030/node /home/loo
tcp 0 0 10.101.3.228:60798 10.101.3.160:27017 ESTABLISHED 6639/node /home/loo
tcp 0 0 10.101.3.228:32988 10.101.3.160:27017 ESTABLISHED 7030/node /home/loo
tcp 0 0 10.101.3.228:32980 10.101.3.160:27017 ESTABLISHED 7030/node /home/loo
tcp 0 0 10.101.3.228:22 10.101.1.120:44842 ESTABLISHED 15298/sshd: root@pt
tcp 0 0 10.101.3.228:32986 10.101.3.160:27017 ESTABLISHED 7030/node /home/loo
tcp 0 0 10.101.3.228:32990 10.101.3.160:27017 ESTABLISHED 7030/node /home/loo
tcp 0 0 10.101.3.228:22 10.101.1.107:33800 ESTABLISHED 16425/sshd: root@pt
tcp 0 0 10.101.3.228:59584 10.101.3.160:27017 ESTABLISHED 6639/node /home/loo
tcp 0 0 10.101.3.228:59578 10.101.3.160:27017 ESTABLISHED 6639/node /home/loo
tcp6 0 0 :::22 :::* LISTEN 447/sshd: /usr/sbin
tcp6 0 0 :::443 :::* LISTEN 6754/nginx: master
tcp6 0 0 :::4000 :::* LISTEN 7030/node /home/loo
tcp6 0 0 :::111 :::* LISTEN 1/init
tcp6 0 0 :::80 :::* LISTEN 6754/nginx: master
tcp6 0 0 :::8080 :::* LISTEN 6639/node /home/loo
从托管商处获得更多信息后,我知道了答案。
所以我必须禁用 UFW 并且必须安装 CSF 防火墙。
这是相关文档:
https://cloudjiffy.com/portal/knowledgebase/324/Ubuntu-with-CSF-Firewall.html
我在 jelastic 主机上有一个 vps 到 运行 一个带有 nginx 反向代理的节点 js 应用程序。
在没有 jelastic 防火墙的情况下,运行宁可顺利进行。
如果我激活防火墙并为 http 和 https 设置规则,该网站将被阻止。我怎样才能打开防火墙,让用户可以浏览我的应用程序?
这是我的防火墙规则的图片
iptables -nvL 还打印:
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:443
netsta -nlapt 打印:
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 250/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 447/sshd: /usr/sbin
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 6754/nginx: master
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/init
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 6754/nginx: master
tcp 0 0 185.131.52.12:22 222.186.42.7:50138 ESTABLISHED 16531/sshd: root [p
tcp 0 0 10.101.3.228:33424 10.101.3.160:27017 ESTABLISHED 7030/node /home/loo
tcp 0 0 10.101.3.228:60798 10.101.3.160:27017 ESTABLISHED 6639/node /home/loo
tcp 0 0 10.101.3.228:32988 10.101.3.160:27017 ESTABLISHED 7030/node /home/loo
tcp 0 0 10.101.3.228:32980 10.101.3.160:27017 ESTABLISHED 7030/node /home/loo
tcp 0 0 10.101.3.228:22 10.101.1.120:44842 ESTABLISHED 15298/sshd: root@pt
tcp 0 0 10.101.3.228:32986 10.101.3.160:27017 ESTABLISHED 7030/node /home/loo
tcp 0 0 10.101.3.228:32990 10.101.3.160:27017 ESTABLISHED 7030/node /home/loo
tcp 0 0 10.101.3.228:22 10.101.1.107:33800 ESTABLISHED 16425/sshd: root@pt
tcp 0 0 10.101.3.228:59584 10.101.3.160:27017 ESTABLISHED 6639/node /home/loo
tcp 0 0 10.101.3.228:59578 10.101.3.160:27017 ESTABLISHED 6639/node /home/loo
tcp6 0 0 :::22 :::* LISTEN 447/sshd: /usr/sbin
tcp6 0 0 :::443 :::* LISTEN 6754/nginx: master
tcp6 0 0 :::4000 :::* LISTEN 7030/node /home/loo
tcp6 0 0 :::111 :::* LISTEN 1/init
tcp6 0 0 :::80 :::* LISTEN 6754/nginx: master
tcp6 0 0 :::8080 :::* LISTEN 6639/node /home/loo
从托管商处获得更多信息后,我知道了答案。
所以我必须禁用 UFW 并且必须安装 CSF 防火墙。
这是相关文档:
https://cloudjiffy.com/portal/knowledgebase/324/Ubuntu-with-CSF-Firewall.html