我无法从网络访问我的网站(curl 和 wget 返回页面的 html)

我无法从网络访问我的网站(curl 和 wget 返回页面的 html)

我在尝试将我的网站推向世界时遇到了几个问题。我对运行网络服务器的概念还很陌生,所以我遵循了许多教程来帮助我入门。我可能做错了什么(可能性 >= 95%),我非常感激有人能帮助我纠正这些错误。

首先,尝试通过 http 访问时会遇到 ERR_CONNECTION_TIMED_OUT 错误。据记录,我无法通过 ping 访问它。

我运行了“ sudo netstat -plunt”,输出结果如下:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1429/sshd 
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 10863/master
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 15618/mysqld
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 23351/apache2
tcp6 0 0 :::22 :::* LISTEN 1429/sshd 
tcp6 0 0 :::25 :::* LISTEN 10863/master
tcp6 0 0 :::443 :::* LISTEN 23351/apache2

运行“ curl http://unaffiliatedstudios.com”将返回网页的 HTML;“ curl https://unaffiliatedstudios.com”将返回以下内容:

curl: (51) SSL: certificate subject name (ubuntu-unaffiliated-com) does not match target host name 'unaffiliatedstudios.com'

我运行了“ sudo iptables -L | grep ACCEPT”,并收到了以下信息:

Chain INPUT (policy ACCEPT)
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:https
Chain OUTPUT (policy ACCEPT)
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp source-quench
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp source-quench
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp -- anywhere 239.255.255.250 udp dpt:1900
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere ctstate NEW
ACCEPT udp -- anywhere anywhere ctstate NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh /* 'dapp_OpenSSH' */
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere multiport dports http,https /* 'dapp_Apache%20Full' */
ACCEPT all -- anywhere anywhere

我已附上一个图像包含 droplet 的 DNS 设置。

最后,我不确定这会有多大帮助,但我运行了 nmap,结果如下:

Starting Nmap 7.70 ( https://nmap.org ) at 2018-04-21 08:54 Central Daylight Time

NSE: Loaded 148 scripts for scanning.

NSE: Script Pre-scanning.

Initiating NSE at 08:54

Completed NSE at 08:54, 0.02s elapsed

Initiating NSE at 08:54

Completed NSE at 08:54, 0.00s elapsed

Initiating Ping Scan at 08:54

Scanning unaffiliatedstudios.com (138.197.139.28) [4 ports]

Completed Ping Scan at 08:54, 3.51s elapsed (1 total hosts)

Nmap scan report for unaffiliatedstudios.com (138.197.139.28) [host down]

NSE: Script Post-scanning.

Initiating NSE at 08:54

Completed NSE at 08:54, 0.00s elapsed

Initiating NSE at 08:54

Completed NSE at 08:54, 0.00s elapsed

Read data files from: C:\Program Files (x86)\Nmap

Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn

Nmap done: 1 IP address (0 hosts up) scanned in 31.23 seconds

Raw packets sent: 8 (304B) | Rcvd: 0 (0B)

任何帮助都将受到赞赏。

编辑:添加云防火墙的设置:

Inbound
Type    Protocol    Port Range  Sources 
SSH TCP 22  All IPv4 All IPv6   
Outbound
Type    Protocol    Port Range  Destinations    
ICMP    ICMP        All IPv4 All IPv6   
All TCP TCP All ports   All IPv4 All IPv6   
HTTPS   TCP 443 All IPv4 All IPv6   
All UDP UDP All ports   All IPv4 All IPv6

答案1

您使用自签名 SSL 证书。这就是原因。我将其添加到我的 Firefox 并查看标准 Ubuntu Apache 页面。如果您想免费获得普通 SSL 证书,您可以使用让我们加密

相关内容