Colleague found that the Nginx configuration after HTTPS can not access, I help solve the time from the following starting point1.防火墙未开放443端口2.配置出错
1
2
3
So we netstat -anp look at the ports that the firewall is openingThe discovery is already listening, that must be a configuration problem.Check the con
CentOS7 's firewall configuration is very different from previous versions, and after a great deal of trying, it finally found the key to solving the problem.
CentOS7 This version of the firewall defaults to use the firewall, and the previous version of the use of iptables is not the same. Configure the
not understand, so that it is often at a loss when the choice.
Recently, my computer room continued to suffer from DDoS attacks, also suffered the same troubles, in the installation of a variety of soft defenses can not be effective defense, hard to withstand the price too high, so the internet search a DIY hardware firewall site, holding to try the mentality, download the firewall provided by its core, a
firewalls in the installation, the network authentication method (NIS and LDAP) will not work.
"No Firewall"
No firewall gives full access without any security checks. Security checks are disabled for certain services. It is recommended that you select this only if you are running in a trusted network (not the Internet), or if you want to do a detailed firewall
First, configure the firewall, open 80 port, 3306 portCentOS 7.0 defaults to using firewall as the firewall, where the iptables firewall is changed.1. Close firewall:Systemctl Stop Firewalld.service #停止firewallSystemctl Disable Firewalld.service #禁止firewall开机启动2. Install ipt
manually modify/etc/sysconfig/iptables)
[Root@localhost ~]#/sbin/iptables-i input-p tcp--dport 80-j ACCEPTYou have new mail in/var/spool/mail/root
> Save Settings
[Root@localhost ~]#/etc/rc.d/init.d/iptables Saveiptables:saving firewall rules to/etc/sysconfig/iptables: [OK]
> View firewall status again
[Root@localhost ~]# service iptables statusTable:filterChain INPUT (Policy ACCEPT)Num Target prot opt so
Today, we are in the information age, but also can be said to be the virus and hackers in the era, it is indeed a bit pessimistic but today's network indeed, from the Internet to the intranet, from the PC to the Internet mobile phone platform, no place is safe. Every time the network virus attack, will let the home user, the Enterprise user, 800 hotline even is the operator Tourian.
After another viral crisis, people have begun to think about the safety of the network. Now any enterprise to bui
This is because you want to use Navicat to connect to the database and find that the connection is notBy looking at a lot of data and testing multiple times to find out because the firewall is not configured with Port 3306Words don't say, open the whole, similarly, 80 port is also configured, first enter the firewall configuration fileshell># Vim/etc/sysconfig/ip
CentOS Configuration Firewall Operation instance (start, stop, open, closed port):Note: The basic operation of the firewall command:Querying firewall Status:[[Email protected] ~]# service iptables statusTo stop the firewall:[[Email protected] ~]# service iptables Stop To sta
One, port configuration
Open the Redis port and modify the firewall configuration file Vi/etc/sysconfig/iptables
Join Port Configuration
-A rh-firewall-1-input-m state--state new-m tcp-p TCP--dport 6379-j ACCEPT
-A rh-firewall
Now is the era of the hacker civilian, stay in their home on the internet are likely to be "shot", and occasionally attack you, will make you head big. Fortunately, many broadband cats have built-in firewall function, as long as we open the function, we can make our ADSL internet more secure, more secure.
First, landing broadband cats.
There are many ways to access a broadband cat, in order to facilitate the article description, we here in the WYSIW
Now is the era of the hacker civilian, stay in their home on the internet are likely to be "shot", and occasionally attack you, will make you head big. Fortunately, many broadband cats have built-in firewall function, as long as we open the function, we can make our ADSL internet more secure, more secure.
First, landing broadband cats.
There are many ways to access a broadband cat, in order to facilitate the article description, we here in the WYSIW
start Firewalld.serviceStop: Systemctl Stop Firewalld.serviceDisable self-booting: Systemctl Disable Firewalld.serviceView current detailed status: Systemctl status Firewalld.serviceDisplay Status: Firewall-cmd--stateOpen port: Firewall-cmd--zone=public--add-port=80/tcp--permanent(--permanent parameter means permanent, otherwise it will expire after reboot)Delete port:
configured by this command:UFW App Default Skip|allow|denyThe default is skip, which is not set.Warning: If the program rules are set to default allow, this can be a significant risk. Think twice before you leap!LogUFW supports many log levels. The default is low, and the user can specify it yourself:UFW Logging On|off|low|medium|high|fullOff is to close the logThe low record encapsulates packets that conflict with the default policy (record speed is limited). Record packets that are compliant
Vi/etc/sysconfig/iptables-A input-m state–state new-m tcp-p tcp–dport 80-j ACCEPT (allow 80 ports through the firewall)-A input-m state–state new-m tcp-p tcp–dport 3306-j ACCEPT (Allow 3306 ports through the firewall)Special tips:Many netizens add these two rules to the last line of the firewall configuration, causi
Device Model: Cisco PIX 515eStatus Quo and requirements: The network is located in the enterprise intranet, and the IP addresses have been uniformly allocated to each device. For simplicity, set the firewall to the Bridge Mode. external devices can only access two servers in the network, and all internal settings can access external devices.Procedure:1. Hardware connection (omitted)2. Use wondows's own Super Terminal to set the connection
Turn on the Redis port and modify the firewall configuration file Vi/etc/sysconfig/iptablesJoin Port Configuration-A rh-firewall-1-input-m state--state new-m tcp-p TCP--dport 6379-j ACCEPT-A rh-firewall-1-input-m state--state new-m tcp-p TCP--dport 6379:7000-j ACCEPT//Open p
Turn on the Redis port and modify the firewall configuration file Vi/etc/sysconfig/iptablesJoin Port Configuration-A rh-firewall-1-input-m state--state new-m tcp-p TCP--dport 6379-j ACCEPT-A rh-firewall-1-input-m state--state new-m tcp-p TCP--dport 6379:7000-j ACCEPT//Open p
Vi/etc/sysconfig/iptablessuch as:-a input-m state–state new-m tcp-p tcp–dport 139-j ACCEPT (allow 139 ports through the firewall)-A input-m state–state new-m tcp-p tcp–dport 445-j ACCEPT (allow 445 ports through the firewall)Special note: Adding rules to the last line of the firewall configuration will cause the
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.