My hardware firewall has port 8080 open
My goal is to have my server receive the requests over 8080 and via iptables route the request to be handled by httpd.
This seems simple (in my head), but I am missing something.
Here are my IPTable Rules:
*nat :PREROUTING ACCEPT [6:782] :POSTROUTING ACCEPT [1:732] :OUTPUT ACCEPT [1:732] -A PREROUTING -i eth1 -p tcp -m tcp --dport 8080 -j DNAT --to-destination :80 COMMIT *filter :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [87:12324] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT
When I attempt to request a site I am getting a 301 redirect and not the site (test via curl):
* About to connect() to server.domain.com port 8080 (#0) * Trying <ip addy>... connected * Connected to server.domain.com (<ip addy>) port 8080 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/18.104.22.168 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > Host: server.domain.com:8080 > Accept: */* > < HTTP/1.1 301 Moved Permanently < Date: Wed, 08 Nov 2017 19:07:32 GMT < Server: Apache/2.2.15 (CentOS) < X-Powered-By: PHP/5.3.3 < Set-Cookie: cf7msm_check=1; path=/ < Set-Cookie: PHPSESSID=0lblsu0t9of4id2nraei0v7rb0; path=/ < Expires: Thu, 19 Nov 1981 08:52:00 GMT < Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 < Pragma: no-cache < X-Pingback: http://server.domain.com/wp/xmlrpc.php < Location: http://server.domain.com/ < Content-Length: 0 < Connection: close < Content-Type: text/html; charset=UTF-8 < * Closing connection #0
HTTPD is setup to listen on 80.
The requests are getting to HTTPd, but for a reason I have not yet figured out, the requests are not getting the expected responses.
If I change everything to use straight port 80 everything works fine.
Your 301 redirect is coming from WordPress. You need to put the correct port number in Settings > General if you intend to run WordPress on a nonstandard port.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.