Score:0

How can I make my nginx web server reachable from outside its local network?

gl flag

I am trying to reach a subdomain of my website from outside its local network.

I can successfully ping it (ping my.subdomain.com):

PING my.subdomain.com (ser.ver.ip.add) 56(84) bytes of data.
64 bytes from static.143.220.55.162.clients.your-server.de (ser.ver.ip.add): icmp_seq=1 ttl=53 time=14.8 ms
64 bytes from static.143.220.55.162.clients.your-server.de (ser.ver.ip.add): icmp_seq=2 ttl=53 time=15.4 ms
64 bytes from static.143.220.55.162.clients.your-server.de (ser.ver.ip.add): icmp_seq=3 ttl=53 time=15.1 ms
64 bytes from static.143.220.55.162.clients.your-server.de (ser.ver.ip.add): icmp_seq=4 ttl=53 time=15.1 ms
64 bytes from static.143.220.55.162.clients.your-server.de (ser.ver.ip.add): icmp_seq=5 ttl=53 time=15.4 ms
64 bytes from static.143.220.55.162.clients.your-server.de (ser.ver.ip.add): icmp_seq=6 ttl=53 time=15.6 ms
64 bytes from static.143.220.55.162.clients.your-server.de (ser.ver.ip.add): icmp_seq=7 ttl=53 time=15.5 ms
^C
--- my.subdomain.com ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6010ms
rtt min/avg/max/mdev = 14.833/15.263/15.577/0.243 ms

but it cannot successfully curl it (curl -m 5 my.subdomain.com):

curl: (28) Connection timed out after 5000 milliseconds

From within the host server, the curl (curl -m 5 my.subdomain.com) response is:

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

The output of sudo ufw status is

Status: active

To                         Action      From
--                         ------      ----
80/tcp                     ALLOW       Anywhere                  
443/tcp                    ALLOW       Anywhere                  
443                        ALLOW       Anywhere                  
80                         ALLOW       Anywhere                  
22                         ALLOW       ser.ver.ip.add            
80/tcp (v6)                ALLOW       Anywhere (v6)             
443/tcp (v6)               ALLOW       Anywhere (v6)             
443 (v6)                   ALLOW       Anywhere (v6)             
80 (v6)                    ALLOW       Anywhere (v6)    

The output of netstat -tulnp is

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      80509/nginx: master 
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      724/systemd-resolve 
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      797/sshd: /usr/sbin 
tcp6       0      0 :::5000                 :::*                    LISTEN      102144/registry     
tcp6       0      0 :::80                   :::*                    LISTEN      80509/nginx: master 
tcp6       0      0 :::22                   :::*                    LISTEN      797/sshd: /usr/sbin 
udp        0      0 127.0.0.53:53           0.0.0.0:*                           724/systemd-resolve 
udp        0      0 ser.ver.ip.add:68       0.0.0.0:*                           722/systemd-network 

What does this mean and how can I make the nginx web server reachable from outside?

in flag
A timeout usually indicates a firewall issue.
naraghi avatar
gl flag
but `ufw status` says port 80 is allowing connections from Anywhere. What could be the issue specifically?
in flag
Most probably another firewall in front of the server
vidarlo avatar
ar flag
It's not clear to me how your setup is. What is your local network? Is your server behind some firewall? NAT?
naraghi avatar
gl flag
@vidarlo How do I find out these two things? Sorry, I'm a real beginner
naraghi avatar
gl flag
@GeraldSchneider Is it also possible that my nginx config is just wrong somehow? I mean something in `etc/nginx/*
Score:0
gl flag

@Gerald Schneider was correct, it was another firewall in front of the server that needed to be configured to allow inbound connections on port 80

I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.