Unable to modify HTTP port

en
yunohost-firewall

#2

Well opening a port is easy but what do you expect by doing this ? No program apriori listen to port 8080


#3

Thank you for your answer. It should be easy indeed, but apparently isn’t working for me…I expect to access my server from outside my local network using another port like http://myserver.nohost.me:8080. I cannot listen to any other port other than the default ones even if the firewall says that they are opened.


#4

Alright … but a program needs to be listening to port 8080 for this to work, sooo, I’d say more tweaking and tinkering is required :confused: Otherwise you’ll just see a blank page


#5

Ok, thanks. So, can you help me on that? I can’t find this info anywhere…


#6

I’ve made some progress by changing the port to 8080 on file /etc/nginx/conf.d/myserver.nohost.me.conf. Now my server is listening to port 8080 and I can access it from my local network using the new assigned port, but this is still not possible from outside my network. What am I missing?


#7

Have you configured port forwarding on your internet box to route port 8080 outside the local network ?


#8

Yes, port forwarding is properly configured. Is there any other file that I should edit?


#9

I don’t think so …

So how do you test that your server is accessible from outside ?


#10

I’ve modified my SHH port and it’s working fine from outside. XMPP is working as well. The only thing isn’t working is access via web. I’ve checked that my server is listening to port 8080 by using an open port check tool site.


#11

So does it tells that port 8080 is accessible, or is not ? :smiley:


#12

Yes, it tells that port 8080 is accessible but I still can’t connect to my server…


#13

So are you contacting it through the IP or through the domain name ?

And if it doesn’t work, what error does it shows exactly ?


#14

I’ve tried both without success. The error I get is “The connection has timed out”.


#15

I’ve been trying for the last 5 days but still no success…any ideas?


#16

Its better to provide your domain information, so that someone can have a look into it.


#17

Hi,

My domain: solnik.nohost.me

solnik.nohost.me.conf is now configured as follows:

server {
listen 81;
listen [::]:81;
server_name solnik.nohost.me;

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name solnik.nohost.me;

I forgot to say earlier that my ISP block both port 80 and 443. Does that make any difference? I’ve tried to modify https port to 444 without success.


#18

My experience with modifying the HTTP or HTTPS ports to bypass this kind of limitation is not the right thing to do … Theroretically it’s doable, but in pratice it is a huge technical mess. Changing port 80 might work, but I found in the past that changing port 443 is more complicated because there are too many assumptions everywhere about this port (even sometime hard-coded stuff)

And then even if you succeed in changing this, you will have to tell all your user to access your server via https://yourdomain.tld:444/

And for instance if they (or you…) only type yourdomain.tld in the browser it won’t work … and even yourdomain.tld:81 won’t work : because yunohost will make a redirection to HTTPS … which happens to redirect to https://yourdomain.tld (without the custom port) so you need to fix those redirection as well

Not to mention you won’t be able to fetch LetsEncrypt certificates …

So imho you have those possible solution :

  • change ISP and choose one that does provide you with a decent internet connection, not just half of it
  • configure a VPN like those provided by the FFDN (or any VPN that does provide you with full control of the IP)

#19

Thanks, Aleks. I currently have just two ISPs to choose from and none of them provide a decent internet connection. I’ve started looking at the VPN provided by the FFDN, but I think that distance might be a problem. I live in Brazil and getting a VPN based in France will significantly slow down my internet speed, right?


#20

Yes clearly :confused:

Maybe there are some devent VPN providers implemented in Brazil :confused:


#21

I’m afraid there isn’t…well, thank you for your help anyway. I’ll try one of those VPN provided by the FFDN and see how it goes