사무실에 있는 다른 컴퓨터에서는 동일한 네트워크에 있는 내 로컬 웹사이트에 액세스할 수 없습니다.

사무실에 있는 다른 컴퓨터에서는 동일한 네트워크에 있는 내 로컬 웹사이트에 액세스할 수 없습니다.

저는 모든 동료(컴퓨터가 동일한 네트워크에 연결되어 있음)가 액세스할 수 있도록 하는 것이 주요 목적인 포털을 개발 중입니다.

Apache 서버를 다시 설치해 보았지만 여전히 같은 오류가 발생합니다. 우분투 16.04를 사용하고 있습니다

네트워킹에 대한 나의 지식은 제한되어 있으므로 도움을 주시면 대단히 감사하겠습니다.

이는 누군가가 동일한 네트워크 내의 다른 컴퓨터에 서버의 IP(192.168.60.250)를 입력할 때 예상되는 출력입니다.

virtualbox를 설치하고 문제를 테스트하려고 했는데, virtual box에서 Google Chrome 및 Firefox를 열면 다음 메시지가 나타납니다.

Firefox:

Unable to connect

Firefox can’t establish a connection to the server at 192.168.60.250.

The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer’s network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.

Chrome:

This site can't be reached
192.168.60.250 is unreachable
ERR_ADDRESS_UNREACHABLE

I even tried to acess my portal using a machine that has windows as its os it it gives me this error:

Chrome on windows:

This site can't be reached
192.168.60.250 took too long to respond
ERR_CONNECTION_TIMED_OUT

편집: 내 가상 머신의 ifconfig: (우리 사무실의 모든 머신은 Linux 기반이므로 내 가상 머신도 우분투를 사용합니다)

enp0s3    Link encap:Ethernet  HWaddr 08:00:27:99:fb:5d  
          inet addr:192.168.60.247  Bcast:192.168.60.255  Mask:255.255.255.0
          inet6 addr: fe80::4463:ae0a:747e:8737/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:98 errors:0 dropped:0 overruns:0 frame:0
          TX packets:68 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:12438 (12.4 KB)  TX bytes:7435 (7.4 KB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:184 errors:0 dropped:0 overruns:0 frame:0
          TX packets:184 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:13471 (13.4 KB)  TX bytes:13471 (13.4 KB)

내 컴퓨터의 ifconfig는 다음과 같습니다(w/c는 포털 서버임).

enp3s0    Link encap:Ethernet  HWaddr 9c:5c:8e:98:c8:51  
          inet addr:192.168.60.250  Bcast:192.168.60.255  Mask:255.255.255.0
          inet6 addr: fe80::4764:697e:9305:12b5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1171474 errors:0 dropped:12 overruns:0 frame:0
          TX packets:735472 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1405120963 (1.4 GB)  TX bytes:82457324 (82.4 MB)

enp4s0    Link encap:Ethernet  HWaddr f4:f2:6d:06:69:72  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:1552 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1552 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1 
          RX bytes:4176664 (4.1 MB)  TX bytes:4176664 (4.1 MB)

이것은 매우 이상합니다. 이 문제는 몇 주 동안 나를 괴롭혔습니다.

내 빠른 추측은 포트 80이 localhost만 수신하고 있다는 것입니다. 하지만 어디서 구성을 시작해야 할지, 무엇을 해야 할지 모르겠습니다.

또한 내 컴퓨터에서 사무실의 다른 컴퓨터로 또는 그 반대로 핑을 보낼 수도 있습니다. 내 컴퓨터에서 VM으로 또는 그 반대로 ping할 수도 있습니다.

I tried netstat -an | grep ':80'
tcp        0      0 192.168.60.250:35724    23.111.228.220:80       ESTABLISHED
tcp        0      0 192.168.60.250:35728    23.111.228.220:80       ESTABLISHED
tcp        0      0 192.168.60.250:35740    23.111.228.220:80       ESTABLISHED
tcp        0      0 192.168.60.250:35732    23.111.228.220:80       ESTABLISHED
tcp        0      0 192.168.60.250:35726    23.111.228.220:80       ESTABLISHED
tcp        0      0 192.168.60.250:35730    23.111.228.220:80       ESTABLISHED
tcp6       0      0 :::80                   :::*                    LISTEN     
tcp6       0      0 :::80                   :::*                    LISTEN     
tcp6       0      0 :::80                   :::*                    LISTEN     
tcp6       0      0 192.168.60.250:80       192.168.60.250:34430    TIME_WAIT  
EDIT:
I tried the netstat command in my server again and this is what i got:

tcp        0      0 192.168.60.250:80       0.0.0.0:*               LISTEN     
tcp        0      0 192.168.60.250:80       0.0.0.0:*               LISTEN     
tcp        0      0 192.168.60.250:80       0.0.0.0:*               LISTEN     
tcp        0      0 192.168.60.250:35892    192.168.60.250:80     TIME_WAIT  

그리고 저는 XAMPP나 WAMPP를 사용하지 않습니다. LAMP 스택을 사용하고 있습니다

또한 오류 로그에 액세스했습니다.

[Thu Jun 13 16:51:37.868968 2019] [mpm_prefork:notice] [pid 2121] AH00163: Apache/2.4.18 (Ubuntu) configured -- resuming normal operations
[Thu Jun 13 16:51:37.910215 2019] [core:notice] [pid 2121] AH00094: Command line: '/usr/sbin/apache2'

iptables-nvL:

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
 3941 2469K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    6   360 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
  699 95454 INPUT_direct  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  699 95454 INPUT_ZONES_SOURCE  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  699 95454 INPUT_ZONES  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID
  699 95454 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
    0     0 FORWARD_direct  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 FORWARD_IN_ZONES_SOURCE  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 FORWARD_IN_ZONES  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 FORWARD_OUT_ZONES_SOURCE  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 FORWARD_OUT_ZONES  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 4069 packets, 955K bytes)
 pkts bytes target     prot opt in     out     source               destination         
 4069  955K OUTPUT_direct  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FORWARD_IN_ZONES (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 FWDI_public  all  --  enp3s0 *       0.0.0.0/0            0.0.0.0/0           [goto] 
    0     0 FWDI_public  all  --  +      *       0.0.0.0/0            0.0.0.0/0           [goto] 

Chain FORWARD_IN_ZONES_SOURCE (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD_OUT_ZONES (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 FWDO_public  all  --  *      enp3s0  0.0.0.0/0            0.0.0.0/0           [goto] 
    0     0 FWDO_public  all  --  *      +       0.0.0.0/0            0.0.0.0/0           [goto] 

Chain FORWARD_OUT_ZONES_SOURCE (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD_direct (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain FWDI_public (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 FWDI_public_log  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 FWDI_public_deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 FWDI_public_allow  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FWDI_public_allow (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain FWDI_public_deny (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain FWDI_public_log (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain FWDO_public (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 FWDO_public_log  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 FWDO_public_deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 FWDO_public_allow  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FWDO_public_allow (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain FWDO_public_deny (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain FWDO_public_log (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain INPUT_ZONES (1 references)
 pkts bytes target     prot opt in     out     source               destination         
  698 94878 IN_public  all  --  enp3s0 *       0.0.0.0/0            0.0.0.0/0           [goto] 
    1   576 IN_public  all  --  +      *       0.0.0.0/0            0.0.0.0/0           [goto] 

Chain INPUT_ZONES_SOURCE (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain INPUT_direct (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain IN_public (2 references)
 pkts bytes target     prot opt in     out     source               destination         
  699 95454 IN_public_log  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  699 95454 IN_public_deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  699 95454 IN_public_allow  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain IN_public_allow (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22 ctstate NEW

Chain IN_public_deny (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain IN_public_log (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT_direct (1 references)
 pkts bytes target     prot opt in     out     source               destination  

iptables -t nat -nvL:

Chain PREROUTING (policy ACCEPT 900 packets, 114K bytes)
 pkts bytes target     prot opt in     out     source               destination         
  905  115K PREROUTING_direct  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  905  115K PREROUTING_ZONES_SOURCE  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  905  115K PREROUTING_ZONES  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 568 packets, 181K bytes)
 pkts bytes target     prot opt in     out     source               destination         
  568  181K OUTPUT_direct  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain POSTROUTING (policy ACCEPT 568 packets, 181K bytes)
 pkts bytes target     prot opt in     out     source               destination         
  568  181K POSTROUTING_direct  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  568  181K POSTROUTING_ZONES_SOURCE  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  568  181K POSTROUTING_ZONES  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT_direct (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING_ZONES (1 references)
 pkts bytes target     prot opt in     out     source               destination         
  562  180K POST_public  all  --  *      enp3s0  0.0.0.0/0            0.0.0.0/0           [goto] 
    6   360 POST_public  all  --  *      +       0.0.0.0/0            0.0.0.0/0           [goto] 

Chain POSTROUTING_ZONES_SOURCE (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING_direct (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain POST_public (2 references)
 pkts bytes target     prot opt in     out     source               destination         
  568  181K POST_public_log  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  568  181K POST_public_deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  568  181K POST_public_allow  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain POST_public_allow (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain POST_public_deny (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain POST_public_log (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain PREROUTING_ZONES (1 references)
 pkts bytes target     prot opt in     out     source               destination         
  900  114K PRE_public  all  --  enp3s0 *       0.0.0.0/0            0.0.0.0/0           [goto] 
    2   648 PRE_public  all  --  +      *       0.0.0.0/0            0.0.0.0/0           [goto] 

Chain PREROUTING_ZONES_SOURCE (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain PREROUTING_direct (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain PRE_public (2 references)
 pkts bytes target     prot opt in     out     source               destination         
  902  114K PRE_public_log  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  902  114K PRE_public_deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  902  114K PRE_public_allow  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain PRE_public_allow (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain PRE_public_deny (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain PRE_public_log (1 references)
 pkts bytes target     prot opt in     out     source               destination         
francis@francis-kane:~$ sudo iptables -t nat -nvL
francis@francis-kane:~$ sudo iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 911 packets, 115K bytes)
 pkts bytes target     prot opt in     out     source               destination         
  916  116K PREROUTING_direct  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  916  116K PREROUTING_ZONES_SOURCE  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  916  116K PREROUTING_ZONES  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 568 packets, 181K bytes)
 pkts bytes target     prot opt in     out     source               destination         
  568  181K OUTPUT_direct  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain POSTROUTING (policy ACCEPT 568 packets, 181K bytes)
 pkts bytes target     prot opt in     out     source               destination         
  568  181K POSTROUTING_direct  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  568  181K POSTROUTING_ZONES_SOURCE  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  568  181K POSTROUTING_ZONES  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT_direct (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING_ZONES (1 references)
 pkts bytes target     prot opt in     out     source               destination         
  562  180K POST_public  all  --  *      enp3s0  0.0.0.0/0            0.0.0.0/0           [goto] 
    6   360 POST_public  all  --  *      +       0.0.0.0/0            0.0.0.0/0           [goto] 

Chain POSTROUTING_ZONES_SOURCE (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING_direct (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain POST_public (2 references)
 pkts bytes target     prot opt in     out     source               destination         
  568  181K POST_public_log  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  568  181K POST_public_deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  568  181K POST_public_allow  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain POST_public_allow (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain POST_public_deny (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain POST_public_log (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain PREROUTING_ZONES (1 references)
 pkts bytes target     prot opt in     out     source               destination         
  911  115K PRE_public  all  --  enp3s0 *       0.0.0.0/0            0.0.0.0/0           [goto] 
    2   648 PRE_public  all  --  +      *       0.0.0.0/0            0.0.0.0/0           [goto] 

Chain PREROUTING_ZONES_SOURCE (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain PREROUTING_direct (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain PRE_public (2 references)
 pkts bytes target     prot opt in     out     source               destination         
  913  116K PRE_public_log  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  913  116K PRE_public_deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  913  116K PRE_public_allow  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain PRE_public_allow (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain PRE_public_deny (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain PRE_public_log (1 references)
 pkts bytes target     prot opt in     out     source               destination       

아파치 구성 파일

# This is the main Apache server configuration file.  It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.4/ for detailed information about
# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
# hints.
#
#
# Summary of how the Apache 2 configuration works in Debian:
# The Apache 2 web server configuration in Debian is quite different to
# upstream's suggested way to configure the web server. This is because Debian's
# default Apache2 installation attempts to make adding and removing modules,
# virtual hosts, and extra configuration directives as flexible as possible, in
# order to make automating the changes and administering the server as easy as
# possible.

# It is split into several files forming the configuration hierarchy outlined
# below, all located in the /etc/apache2/ directory:
#
#   /etc/apache2/
#   |-- apache2.conf
#   |   `--  ports.conf
#   |-- mods-enabled
#   |   |-- *.load
#   |   `-- *.conf
#   |-- conf-enabled
#   |   `-- *.conf
#   `-- sites-enabled
#       `-- *.conf
#
#
# * apache2.conf is the main configuration file (this file). It puts the pieces
#   together by including all remaining configuration files when starting up the
#   web server.
#
# * ports.conf is always included from the main configuration file. It is
#   supposed to determine listening ports for incoming connections which can be
#   customized anytime.
#
# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
#   directories contain particular configuration snippets which manage modules,
#   global configuration fragments, or virtual host configurations,
#   respectively.
#
#   They are activated by symlinking available configuration files from their
#   respective *-available/ counterparts. These should be managed by using our
#   helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
#   their respective man pages for detailed information.
#
# * The binary is called apache2. Due to the use of environment variables, in
#   the default configuration, apache2 needs to be started/stopped with
#   /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
#   work with the default configuration.


# Global configuration
#

#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE!  If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the Mutex documentation (available
# at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
#ServerRoot "/etc/apache2"

#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
Mutex file:${APACHE_LOCK_DIR} default

#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}

#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5


# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}

#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off

# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here.  If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog ${APACHE_LOG_DIR}/error.log

#
# LogLevel: Control the severity of messages logged to the error_log.
# Available values: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the log level for particular modules, e.g.
# "LogLevel info ssl:warn"
#
LogLevel warn

# Include module configuration:
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf

# Include list of ports to listen on
Include ports.conf


# Sets the default security model of the Apache2 HTTPD server. It does
# not allow access to the root filesystem outside of /usr/share and /var/www.
# The former is used by web applications packaged in Debian,
# the latter may be used for local directories served by the web server. If
# your system is serving content from a sub-directory in /srv you must allow
# access here, or in any related virtual host.
<Directory />
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>

<Directory /usr/share>
    AllowOverride None
    Require all granted
</Directory>

<Directory /var/www/html>
    Options Indexes FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all
    Require all granted
</Directory>

#<Directory /srv/>
#   Options Indexes FollowSymLinks
#   AllowOverride All
#   Order allow,deny
#   Allow from all
#   Require all granted
#</Directory>


# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives.  See also the AllowOverride
# directive.
#
AccessFileName .htaccess

#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<FilesMatch "^\.ht">
    Require all denied
</FilesMatch>


#
# The following directives define some format nicknames for use with
# a CustomLog directive.
#
# These deviate from the Common Log Format definitions in that they use %O
# (the actual bytes sent including headers) instead of %b (the size of the
# requested file), because the latter makes it impossible to detect partial
# requests.
#
# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
# Use mod_remoteip instead.
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.

# Include generic snippets of statements
IncludeOptional conf-enabled/*.conf

# Include the virtual host configurations:
IncludeOptional sites-enabled/*.conf

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

ServerName 192.168.60.250:80

더 많은 정보를 추가하면 됩니다. 때로는 알 수 없는 이유로 다른 컴퓨터나 가상 머신에서 로컬 웹사이트에 액세스할 수 있습니다. 하지만 컴퓨터를 다시 시작하면 오류가 다시 발생했습니다.

답변1

ACCEPTINPUT포트 80에서 들어오는 트래픽에 대한 방화벽 체인(또는 그 하위)에는 규칙이 없습니다 . REJECT공격을 받고 있는 규칙인 대체 규칙이 있습니다 .

이를 사용하는 경우 ufw인바운드 트래픽을 허용하는 규칙을 추가해야 합니다 tcp/80. 안타깝게도 제가 직접 사용하지 않기 때문에 ufw(저는 shorewall인간입니다) 정확한 구문을 제공할 수 없습니다. (나는 지금논평비활성화됐다고 하더군요. 활성화 여부에 관계없이 방화벽 규칙은 여전히 ​​존재하므로 여전히 유효합니다. )

답변2

어때요?

iptables -I INPUT -p tcp --dport 80 -j ACCEPT

이는 테스트 목적으로만 사용되며 프로덕션 환경에서는 사용할 수 없습니다. 그러나 이후에 웹 서버에 액세스할 수 있다면 확실히 방화벽 문제입니다.

관련 정보