I am attempting to set up apache with sslh. The latter is running fine, but when I attempt to start the apache2 server, it fails with the following message:

dnessett@Mount:/etc/apache2/sites-available$ sudo systemctl restart apache2
Job for apache2.service failed because the control process exited with error code.
See "systemctl status apache2.service" and "journalctl -xe" for details.

When I investigate further (asking for apache status), I find the following:

dnessett@Mount:/etc/apache2/sites-available$ systemctl status apache2.service
● apache2.service - The Apache HTTP Server
   Loaded: loaded (/lib/systemd/system/apache2.service; enabled-runtime; vendor preset: enabled)
  Drop-In: /lib/systemd/system/apache2.service.d
           └─apache2-systemd.conf
   Active: failed (Result: exit-code) since Thu 2022-12-15 11:08:46 MST; 41s ago
  Process: 2520 ExecStart=/usr/sbin/apachectl start (code=exited, status=1/FAILURE)

Dec 15 11:08:46 Mount systemd[1]: Starting The Apache HTTP Server...
Dec 15 11:08:46 Mount apachectl[2520]: (98)Address already in use: AH00072: make_sock: could not bind to address 127.0.0.1:4443
Dec 15 11:08:46 Mount apachectl[2520]: no listening sockets available, shutting down
Dec 15 11:08:46 Mount apachectl[2520]: AH00015: Unable to open logs
Dec 15 11:08:46 Mount apachectl[2520]: Action 'start' failed.
Dec 15 11:08:46 Mount apachectl[2520]: The Apache error log may have more information.
Dec 15 11:08:46 Mount systemd[1]: apache2.service: Control process exited, code=exited status=1
Dec 15 11:08:46 Mount systemd[1]: apache2.service: Failed with result 'exit-code'.
Dec 15 11:08:46 Mount systemd[1]: Failed to start The Apache HTTP Server.

Since it appears port 4443 is already in use, I print the active listen addresses:

dnessett@Mount:/etc/apache2/sites-available$ sudo lsof -i -P -n | grep LISTEN
systemd-r  760 systemd-resolve  13u  IPv4  20577  0t0  TCP 127.0.0.53:53 (LISTEN)
cupsd      859 root              6u  IPv6  21248  0t0  TCP [::1]:631 (LISTEN)
cupsd      859 root              7u  IPv4  21249  0t0  TCP 127.0.0.1:631 (LISTEN)
vsftpd     977 root              3u  IPv6  21478  0t0  TCP *:21 (LISTEN)
sshd       989 root              3u  IPv4  23513  0t0  TCP *:22 (LISTEN)
sshd       989 root              4u  IPv6  23515  0t0  TCP *:22 (LISTEN)
mysqld    1565 mysql            17u  IPv6  26365  0t0  TCP *:3306 (LISTEN)
sslh      2166 sslh              3u  IPv4  75977  0t0  TCP 98.127.182.220:443 (LISTEN)
sslh      2167 sslh              3u  IPv4  75977  0t0  TCP 98.127.182.220:443 (LISTEN)

As is shown, there is no active listen address for port 4443. journalctl -xe gave no additional information.

I have configured apache to listen on 4443, since sslh listens on 443 and forwards https requests to port 4443. I am using a virtual host for this purpose in 000-default.conf, which I include below (notice I have commented out the listen on port 80, since I only want apache to listen for https requests). I have also commented out some <Directory > directives that came from an XAMPP configuration, which I have disabled. If I get apache working I will remove most of this commented out text.

dnessett@Mount:/etc/apache2/sites-available$ cat 000-default.conf
# Comment out the port 80 virtual host block
<IfDefine IgnoreBlockComment>
<VirtualHost *:80>
    # The ServerName directive sets the request scheme, hostname and port that
    # the server uses to identify itself. This is used when creating
    # redirection URLs. In the context of virtual hosts, the ServerName
    # specifies what hostname must appear in the request's Host: header to
    # match this virtual host. For the default virtual host (this file) this
    # value is not decisive as it is used as a last resort host regardless.
    # However, you must set it for any further virtual host explicitly.
    #ServerName www.example.com

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf
</VirtualHost>
</IfDefine>

Listen localhost:4443 ssl;

# These defintions are in the main conf file
<IfDefine IgnoreBlockComment>
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Require all denied
</Directory>

<Directory /usr/share>
    AllowOverride None
    Require all granted
</Directory>

<Directory /var/www/>
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>
</IfDefine>

# Comment out the lampp phpadmin and htdocs Directory blocks
<IfDefine IgnoreBlockComment>
<Directory "/opt/lampp/phpmyadmin">
    AllowOverride AuthConfig Limit
    Require all granted
    ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</Directory>

<Directory "/opt/lampp/apache2/htdocs">
    Options Indexes FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all
</Directory>
</IfDefine>

<VirtualHost localhost:4443>
    ServerName coop.mountolive.com:4443
    DocumentRoot /var/www/sites/coop-mountolive
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    SSLEngine on
    SSLCertificateFile /root/.acme.sh/*.mountolive.com/fullchain.cer
    SSLCertificateKeyFile /root/.acme.sh/*.mountolive.com/*.mountolive.com.key
</VirtualHost>

For completeness, I include below the configuration information for sslh:

dnessett@Mount:/etc/default$ cat sslh
# Default options for sslh initscript
# sourced by /etc/init.d/sslh

# Disabled by default, to force yourself
# to read the configuration:
# - /usr/share/doc/sslh/README.Debian (quick start)
# - /usr/share/doc/sslh/README, at "Configuration" section
# - sslh(8) via "man sslh" for more configuration details.
# Once configuration ready, you *must* set RUN to yes here
# and try to start sslh (standalone mode only)

RUN=yes

# binary to use: forked (sslh) or single-thread (sslh-select) version
# systemd users: don't forget to modify /lib/systemd/system/sslh.service
DAEMON=/usr/sbin/sslh

DAEMON_OPTS="--user sslh --listen coop.mountolive.com:443 --ssh 127.0.0.1:22 --ssl localhost:4443 --pidfile /var/run/sslh/sslh.pid"

Thanks for any help you can give.
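
Apache also reports "Address already in use" when its own loaded configuration contains more than one Listen directive for the same address and port, a condition that lsof cannot show because no other process holds the socket. The following is an added example, not part of the original message: it scans configuration text for active Listen directives, skipping <IfDefine> blocks used as block comments as in the file above. The file names and contents in SAMPLE_FILES are constructed, and the localhost mapping is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample: two files as Apache might load them (names and contents are
# illustrative, not taken from the poster's system).
SAMPLE_FILES = {
    "ports.conf": "Listen 127.0.0.1:4443 https\n",
    "sites-enabled/000-default.conf": (
        "<IfDefine IgnoreBlockComment>\n"
        "Listen 80\n"
        "</IfDefine>\n"
        "Listen localhost:4443\n"
        "<VirtualHost localhost:4443>\n"
        "</VirtualHost>\n"
    ),
}

# Assumption: localhost maps to 127.0.0.1 (static map, so the check runs offline).
ALIASES = {"localhost": "127.0.0.1"}

def active_listens(text, defines=frozenset()):
    """Yield (lineno, address, port) for Listen lines outside skipped <IfDefine> blocks."""
    skip_depth = 0  # > 0 while inside an <IfDefine> whose test is false
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        m = re.match(r"<IfDefine\s+(!?)(\S+?)>", line, re.I)
        if m:
            wanted = (m.group(2) in defines) != bool(m.group(1))
            if skip_depth or not wanted:
                skip_depth += 1
            continue
        if re.match(r"</IfDefine>", line, re.I):
            skip_depth = max(0, skip_depth - 1)
            continue
        m = re.match(r"Listen\s+(\S+)", line, re.I)
        if m and not skip_depth:
            addr, _, port = m.group(1).rpartition(":")
            yield lineno, ALIASES.get(addr.lower(), addr or "*"), int(port)

def duplicate_listens(files, defines=frozenset()):
    """Return {(address, port): [(file, lineno), ...]} for endpoints bound more than once."""
    seen = defaultdict(list)
    for name, text in files.items():
        for lineno, addr, port in active_listens(text, defines):
            seen[(addr, port)].append((name, lineno))
    return {ep: locs for ep, locs in seen.items() if len(locs) > 1}

if __name__ == "__main__":
    for (addr, port), locs in duplicate_listens(SAMPLE_FILES).items():
        print(f"{addr}:{port} is bound {len(locs)} times: {locs}")
```

The check compares exact endpoints only; a wildcard Listen on the same port as an address-specific one is not flagged.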