We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
patch for firewall config to fix HTTP 500 on fresh install Topic is solved
-
- Posts: 1
- Joined: Sat Oct 25, 2014 1:40 pm
patch for firewall config to fix HTTP 500 on fresh install
The following patch properly allows all traffic on the local loopback interface. Out of the box, vestacp's iptables configuration blocks nginx from communicating with apache via 127.0.0.1:8080. The fix is to add the following rule
-I INPUT -p all -i lo -j ACCEPT
The patch addresses the rule meant to allow loopback traffic on the localhost. It replaces '-A -s 127.0.0.1' with '-I -p all -i lo'. This allows all protocols (TCP,UDP,ICMP) into the loopback interface and it inserts the rule into the beginning of the ruleset.
This applies to # Vesta Ubuntu installer v.04
--- v-update-firewall 2014-10-23 14:16:12.000000000 +0000
+++ add-loopback 2014-10-25 14:06:31.134818335 +0000
@@ -92,7 +92,7 @@
for ip in $(ls $VESTA/data/ips); do
echo "$iptables -A INPUT -s $ip -j ACCEPT" >> $tmp
done
-echo "$iptables -A INPUT -s 127.0.0.1 -j ACCEPT" >> $tmp
+echo "$iptables -I INPUT -p all -i lo -j ACCEPT" >> $tmp
IFS=$'\n'
for p_rule in $(cat $ports); do
eval $p_rule
-I INPUT -p all -i lo -j ACCEPT
The patch addresses the rule meant to allow loopback traffic on the localhost. It replaces '-A -s 127.0.0.1' with '-I -p all -i lo'. This allows all protocols (TCP,UDP,ICMP) into the loopback interface and it inserts the rule into the beginning of the ruleset.
This applies to # Vesta Ubuntu installer v.04
--- v-update-firewall 2014-10-23 14:16:12.000000000 +0000
+++ add-loopback 2014-10-25 14:06:31.134818335 +0000
@@ -92,7 +92,7 @@
for ip in $(ls $VESTA/data/ips); do
echo "$iptables -A INPUT -s $ip -j ACCEPT" >> $tmp
done
-echo "$iptables -A INPUT -s 127.0.0.1 -j ACCEPT" >> $tmp
+echo "$iptables -I INPUT -p all -i lo -j ACCEPT" >> $tmp
IFS=$'\n'
for p_rule in $(cat $ports); do
eval $p_rule
Re: patch for firewall config to fix HTTP 500 on fresh insta
Already fixed on fresh installationfix HTTP 500 on fresh install