저는 모든 동료(컴퓨터가 동일한 네트워크에 연결되어 있음)가 액세스할 수 있도록 하는 것이 주요 목적인 포털을 개발 중입니다.
Apache 서버를 다시 설치해 보았지만 여전히 같은 오류가 발생합니다. 우분투 16.04를 사용하고 있습니다
네트워킹에 대한 나의 지식은 제한되어 있으므로 도움을 주시면 대단히 감사하겠습니다.
이는 누군가가 동일한 네트워크 내의 다른 컴퓨터에 서버의 IP(192.168.60.250)를 입력할 때 예상되는 출력입니다.
virtualbox를 설치하고 문제를 테스트하려고 했는데, virtual box에서 Google Chrome 및 Firefox를 열면 다음 메시지가 나타납니다.
Firefox:
Unable to connect
Firefox can’t establish a connection to the server at 192.168.60.250.
The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer’s network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.
Chrome:
This site can't be reached
192.168.60.250 is unreachable
ERR_ADDRESS_UNREACHABLE
I even tried to acess my portal using a machine that has windows as its os it it gives me this error:
Chrome on windows:
This site can't be reached
192.168.60.250 took too long to respond
ERR_CONNECTION_TIMED_OUT
편집: 내 가상 머신의 ifconfig: (우리 사무실의 모든 머신은 Linux 기반이므로 내 가상 머신도 우분투를 사용합니다)
enp0s3 Link encap:Ethernet HWaddr 08:00:27:99:fb:5d
inet addr:192.168.60.247 Bcast:192.168.60.255 Mask:255.255.255.0
inet6 addr: fe80::4463:ae0a:747e:8737/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:98 errors:0 dropped:0 overruns:0 frame:0
TX packets:68 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:12438 (12.4 KB) TX bytes:7435 (7.4 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:184 errors:0 dropped:0 overruns:0 frame:0
TX packets:184 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13471 (13.4 KB) TX bytes:13471 (13.4 KB)
내 컴퓨터의 ifconfig는 다음과 같습니다(w/c는 포털 서버임).
enp3s0 Link encap:Ethernet HWaddr 9c:5c:8e:98:c8:51
inet addr:192.168.60.250 Bcast:192.168.60.255 Mask:255.255.255.0
inet6 addr: fe80::4764:697e:9305:12b5/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1171474 errors:0 dropped:12 overruns:0 frame:0
TX packets:735472 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1405120963 (1.4 GB) TX bytes:82457324 (82.4 MB)
enp4s0 Link encap:Ethernet HWaddr f4:f2:6d:06:69:72
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:1552 errors:0 dropped:0 overruns:0 frame:0
TX packets:1552 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:4176664 (4.1 MB) TX bytes:4176664 (4.1 MB)
이것은 매우 이상합니다. 이 문제는 몇 주 동안 나를 괴롭혔습니다.
내 빠른 추측은 포트 80이 localhost만 수신하고 있다는 것입니다. 하지만 어디서 구성을 시작해야 할지, 무엇을 해야 할지 모르겠습니다.
또한 내 컴퓨터에서 사무실의 다른 컴퓨터로 또는 그 반대로 핑을 보낼 수도 있습니다. 내 컴퓨터에서 VM으로 또는 그 반대로 ping할 수도 있습니다.
I tried netstat -an | grep ':80'
tcp 0 0 192.168.60.250:35724 23.111.228.220:80 ESTABLISHED
tcp 0 0 192.168.60.250:35728 23.111.228.220:80 ESTABLISHED
tcp 0 0 192.168.60.250:35740 23.111.228.220:80 ESTABLISHED
tcp 0 0 192.168.60.250:35732 23.111.228.220:80 ESTABLISHED
tcp 0 0 192.168.60.250:35726 23.111.228.220:80 ESTABLISHED
tcp 0 0 192.168.60.250:35730 23.111.228.220:80 ESTABLISHED
tcp6 0 0 :::80 :::* LISTEN
tcp6 0 0 :::80 :::* LISTEN
tcp6 0 0 :::80 :::* LISTEN
tcp6 0 0 192.168.60.250:80 192.168.60.250:34430 TIME_WAIT
EDIT:
I tried the netstat command in my server again and this is what i got:
tcp 0 0 192.168.60.250:80 0.0.0.0:* LISTEN
tcp 0 0 192.168.60.250:80 0.0.0.0:* LISTEN
tcp 0 0 192.168.60.250:80 0.0.0.0:* LISTEN
tcp 0 0 192.168.60.250:35892 192.168.60.250:80 TIME_WAIT
그리고 저는 XAMPP나 WAMPP를 사용하지 않습니다. LAMP 스택을 사용하고 있습니다
또한 오류 로그에 액세스했습니다.
[Thu Jun 13 16:51:37.868968 2019] [mpm_prefork:notice] [pid 2121] AH00163: Apache/2.4.18 (Ubuntu) configured -- resuming normal operations
[Thu Jun 13 16:51:37.910215 2019] [core:notice] [pid 2121] AH00094: Command line: '/usr/sbin/apache2'
iptables-nvL:
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
3941 2469K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
6 360 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
699 95454 INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
699 95454 INPUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
699 95454 INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
699 95454 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_direct all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT 4069 packets, 955K bytes)
pkts bytes target prot opt in out source destination
4069 955K OUTPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD_IN_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_public all -- enp3s0 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_public all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_IN_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_OUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_public all -- * enp3s0 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_public all -- * + 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_OUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_direct (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public (2 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDI_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public (2 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDO_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
698 94878 IN_public all -- enp3s0 * 0.0.0.0/0 0.0.0.0/0 [goto]
1 576 IN_public all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain INPUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_direct (1 references)
pkts bytes target prot opt in out source destination
Chain IN_public (2 references)
pkts bytes target prot opt in out source destination
699 95454 IN_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
699 95454 IN_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
699 95454 IN_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain IN_public_allow (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW
Chain IN_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain IN_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain OUTPUT_direct (1 references)
pkts bytes target prot opt in out source destination
iptables -t nat -nvL:
Chain PREROUTING (policy ACCEPT 900 packets, 114K bytes)
pkts bytes target prot opt in out source destination
905 115K PREROUTING_direct all -- * * 0.0.0.0/0 0.0.0.0/0
905 115K PREROUTING_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
905 115K PREROUTING_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 568 packets, 181K bytes)
pkts bytes target prot opt in out source destination
568 181K OUTPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 568 packets, 181K bytes)
pkts bytes target prot opt in out source destination
568 181K POSTROUTING_direct all -- * * 0.0.0.0/0 0.0.0.0/0
568 181K POSTROUTING_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
568 181K POSTROUTING_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT_direct (1 references)
pkts bytes target prot opt in out source destination
Chain POSTROUTING_ZONES (1 references)
pkts bytes target prot opt in out source destination
562 180K POST_public all -- * enp3s0 0.0.0.0/0 0.0.0.0/0 [goto]
6 360 POST_public all -- * + 0.0.0.0/0 0.0.0.0/0 [goto]
Chain POSTROUTING_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain POSTROUTING_direct (1 references)
pkts bytes target prot opt in out source destination
Chain POST_public (2 references)
pkts bytes target prot opt in out source destination
568 181K POST_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
568 181K POST_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
568 181K POST_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain POST_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain POST_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain POST_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain PREROUTING_ZONES (1 references)
pkts bytes target prot opt in out source destination
900 114K PRE_public all -- enp3s0 * 0.0.0.0/0 0.0.0.0/0 [goto]
2 648 PRE_public all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain PREROUTING_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain PREROUTING_direct (1 references)
pkts bytes target prot opt in out source destination
Chain PRE_public (2 references)
pkts bytes target prot opt in out source destination
902 114K PRE_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
902 114K PRE_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
902 114K PRE_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain PRE_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain PRE_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain PRE_public_log (1 references)
pkts bytes target prot opt in out source destination
francis@francis-kane:~$ sudo iptables -t nat -nvL
francis@francis-kane:~$ sudo iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 911 packets, 115K bytes)
pkts bytes target prot opt in out source destination
916 116K PREROUTING_direct all -- * * 0.0.0.0/0 0.0.0.0/0
916 116K PREROUTING_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
916 116K PREROUTING_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 568 packets, 181K bytes)
pkts bytes target prot opt in out source destination
568 181K OUTPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 568 packets, 181K bytes)
pkts bytes target prot opt in out source destination
568 181K POSTROUTING_direct all -- * * 0.0.0.0/0 0.0.0.0/0
568 181K POSTROUTING_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
568 181K POSTROUTING_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT_direct (1 references)
pkts bytes target prot opt in out source destination
Chain POSTROUTING_ZONES (1 references)
pkts bytes target prot opt in out source destination
562 180K POST_public all -- * enp3s0 0.0.0.0/0 0.0.0.0/0 [goto]
6 360 POST_public all -- * + 0.0.0.0/0 0.0.0.0/0 [goto]
Chain POSTROUTING_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain POSTROUTING_direct (1 references)
pkts bytes target prot opt in out source destination
Chain POST_public (2 references)
pkts bytes target prot opt in out source destination
568 181K POST_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
568 181K POST_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
568 181K POST_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain POST_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain POST_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain POST_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain PREROUTING_ZONES (1 references)
pkts bytes target prot opt in out source destination
911 115K PRE_public all -- enp3s0 * 0.0.0.0/0 0.0.0.0/0 [goto]
2 648 PRE_public all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain PREROUTING_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain PREROUTING_direct (1 references)
pkts bytes target prot opt in out source destination
Chain PRE_public (2 references)
pkts bytes target prot opt in out source destination
913 116K PRE_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
913 116K PRE_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
913 116K PRE_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain PRE_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain PRE_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain PRE_public_log (1 references)
pkts bytes target prot opt in out source destination
아파치 구성 파일
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.4/ for detailed information about
# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
# hints.
#
#
# Summary of how the Apache 2 configuration works in Debian:
# The Apache 2 web server configuration in Debian is quite different to
# upstream's suggested way to configure the web server. This is because Debian's
# default Apache2 installation attempts to make adding and removing modules,
# virtual hosts, and extra configuration directives as flexible as possible, in
# order to make automating the changes and administering the server as easy as
# possible.
# It is split into several files forming the configuration hierarchy outlined
# below, all located in the /etc/apache2/ directory:
#
# /etc/apache2/
# |-- apache2.conf
# | `-- ports.conf
# |-- mods-enabled
# | |-- *.load
# | `-- *.conf
# |-- conf-enabled
# | `-- *.conf
# `-- sites-enabled
# `-- *.conf
#
#
# * apache2.conf is the main configuration file (this file). It puts the pieces
# together by including all remaining configuration files when starting up the
# web server.
#
# * ports.conf is always included from the main configuration file. It is
# supposed to determine listening ports for incoming connections which can be
# customized anytime.
#
# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
# directories contain particular configuration snippets which manage modules,
# global configuration fragments, or virtual host configurations,
# respectively.
#
# They are activated by symlinking available configuration files from their
# respective *-available/ counterparts. These should be managed by using our
# helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
# their respective man pages for detailed information.
#
# * The binary is called apache2. Due to the use of environment variables, in
# the default configuration, apache2 needs to be started/stopped with
# /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
# work with the default configuration.
# Global configuration
#
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the Mutex documentation (available
# at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
#ServerRoot "/etc/apache2"
#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
Mutex file:${APACHE_LOCK_DIR} default
#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5
# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog ${APACHE_LOG_DIR}/error.log
#
# LogLevel: Control the severity of messages logged to the error_log.
# Available values: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the log level for particular modules, e.g.
# "LogLevel info ssl:warn"
#
LogLevel warn
# Include module configuration:
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
# Include list of ports to listen on
Include ports.conf
# Sets the default security model of the Apache2 HTTPD server. It does
# not allow access to the root filesystem outside of /usr/share and /var/www.
# The former is used by web applications packaged in Debian,
# the latter may be used for local directories served by the web server. If
# your system is serving content from a sub-directory in /srv you must allow
# access here, or in any related virtual host.
<Directory />
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
Require all granted
</Directory>
#<Directory /srv/>
# Options Indexes FollowSymLinks
# AllowOverride All
# Order allow,deny
# Allow from all
# Require all granted
#</Directory>
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
#
# The following directives define some format nicknames for use with
# a CustomLog directive.
#
# These deviate from the Common Log Format definitions in that they use %O
# (the actual bytes sent including headers) instead of %b (the size of the
# requested file), because the latter makes it impossible to detect partial
# requests.
#
# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
# Use mod_remoteip instead.
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.
# Include generic snippets of statements
IncludeOptional conf-enabled/*.conf
# Include the virtual host configurations:
IncludeOptional sites-enabled/*.conf
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
ServerName 192.168.60.250:80
더 많은 정보를 추가하면 됩니다. 때로는 알 수 없는 이유로 다른 컴퓨터나 가상 머신에서 로컬 웹사이트에 액세스할 수 있습니다. 하지만 컴퓨터를 다시 시작하면 오류가 다시 발생했습니다.
답변1
ACCEPTINPUT포트 80에서 들어오는 트래픽에 대한 방화벽 체인(또는 그 하위)에는 규칙이 없습니다 . REJECT공격을 받고 있는 규칙인 대체 규칙이 있습니다 .
이를 사용하는 경우 ufw인바운드 트래픽을 허용하는 규칙을 추가해야 합니다 tcp/80. 안타깝게도 제가 직접 사용하지 않기 때문에 ufw(저는 shorewall인간입니다) 정확한 구문을 제공할 수 없습니다. (나는 지금논평비활성화됐다고 하더군요. 활성화 여부에 관계없이 방화벽 규칙은 여전히 존재하므로 여전히 유효합니다. )
답변2
어때요?
iptables -I INPUT -p tcp --dport 80 -j ACCEPT
이는 테스트 목적으로만 사용되며 프로덕션 환경에서는 사용할 수 없습니다. 그러나 이후에 웹 서버에 액세스할 수 있다면 확실히 방화벽 문제입니다.