I have a VPS on a Jelastic hoster to run a Node.js application with an nginx reverse proxy.
That's running smoothly without the Jelastic firewall.
If I activate the firewall and set up rules for HTTP and HTTPS, the website is blocked. How can I open the firewall so that users can browse my application?
Here is an image of my firewall rules:
iptables -nvL
also prints:
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:443
netstat -nlapt
prints:
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 250/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 447/sshd: /usr/sbin
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 6754/nginx: master
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/init
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 6754/nginx: master
tcp 0 0 185.131.52.12:22 222.186.42.7:50138 ESTABLISHED 16531/sshd: root [p
tcp 0 0 10.101.3.228:33424 10.101.3.160:27017 ESTABLISHED 7030/node /home/loo
tcp 0 0 10.101.3.228:60798 10.101.3.160:27017 ESTABLISHED 6639/node /home/loo
tcp 0 0 10.101.3.228:32988 10.101.3.160:27017 ESTABLISHED 7030/node /home/loo
tcp 0 0 10.101.3.228:32980 10.101.3.160:27017 ESTABLISHED 7030/node /home/loo
tcp 0 0 10.101.3.228:22 10.101.1.120:44842 ESTABLISHED 15298/sshd: root@pt
tcp 0 0 10.101.3.228:32986 10.101.3.160:27017 ESTABLISHED 7030/node /home/loo
tcp 0 0 10.101.3.228:32990 10.101.3.160:27017 ESTABLISHED 7030/node /home/loo
tcp 0 0 10.101.3.228:22 10.101.1.107:33800 ESTABLISHED 16425/sshd: root@pt
tcp 0 0 10.101.3.228:59584 10.101.3.160:27017 ESTABLISHED 6639/node /home/loo
tcp 0 0 10.101.3.228:59578 10.101.3.160:27017 ESTABLISHED 6639/node /home/loo
tcp6 0 0 :::22 :::* LISTEN 447/sshd: /usr/sbin
tcp6 0 0 :::443 :::* LISTEN 6754/nginx: master
tcp6 0 0 :::4000 :::* LISTEN 7030/node /home/loo
tcp6 0 0 :::111 :::* LISTEN 1/init
tcp6 0 0 :::80 :::* LISTEN 6754/nginx: master
tcp6 0 0 :::8080 :::* LISTEN 6639/node /home/loo
After getting more information from my hoster, I know the answer.
So I must disable UFW and install the CSF firewall.
Here is the documentation about that:
https://cloudjiffy.com/portal/knowledgebase/324/Ubuntu-with-CSF-Firewall.html