Port seems to be open, but connection refused

firewall webserver

I am trying to open port 3000 on Ubuntu 12.04, cause I have a web server listening there. I'm a bit out of my confort zone here, and spent many hours trying to solve the problem without success.

Port seems to be open in the firewall :

$> sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
...
3000/tcp                   ALLOW       Anywhere
3000/tcp                   ALLOW       Anywhere (v6)

The server is listening alright on that port :

$> netstat -an | grep "LISTEN "
...
tcp        0      0 127.0.0.1:3000          0.0.0.0:*               LISTEN     
...

And I can even wget alright the index page :

$> wget localhost:3000
Connecting to localhost (localhost)|127.0.0.1|:3000... connected.
HTTP request sent, awaiting response... 200 OK

And the received file contains what I expect ("hello world" :).

However, when trying from another computer, or if I wget mydomain.com:3000 I get "connection refused", and nmap tells me that the port is not open : 

$> nmap -A -T4 mydomain.com
Host is up (0.00032s latency).
...
Not shown: 999 closed ports
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 5.9p1 Debian 5ubuntu1 (protocol 2.0)
...
Service Info: OS: Linux

Any idea what I should try next ???

EDIT

Here's what traceroute gives :

$> traceroute mydomain.com
traceroute to mydomain.com (176.31.x.x), 30 hops max, 60 byte packets
 1  mydomain.com (176.31.x.x)  0.034 ms  0.013 ms  0.010 ms

Solution 1:

If your server is listening on the localhost interface only, you won't be able to access it from a remote computer. This appears to be your primary problem, as only 127.0.0.1:3000 is listed in your netstat output.

You will also need to ensure that "mydomain.com" resolves to the correct IP address for your machine, such that connecting to it will result in communication with the external interface of that machine.

Solution 2:

I had this problem recently with a nodejs HTTPS server, and the solution to it was not to use "localhost", "127.0.0.1" or even the domain name. It was to use "0.0.0.0"

I believe this acts as a wildcard, now allowing for public resolution via the domain name and it also works with "localhost"

Edit: Here's a link to a serverfault page on the 0.0.0.0 topic: https://serverfault.com/questions/78048/whats-the-difference-between-ip-address-0-0-0-0-and-127-0-0-1

Solution 3:

Is there any chance that you are using AWS or any other cloud services? In that case port should be opened on cloud service level. In particular among AWS you should be looking for "Security Groups" where you need to open access to port 3000.

Related

How to stop screen going black after 10 min
How to install jekyll?
Super key not working in Ubuntu 20.04
WARNING: PV /dev/sda3 in VG ubuntu-vg is using an old PV header, modify the VG to update
Are there any good typing tutors? [closed]
How are packages actually installed via apt-get install?
New installation of Windows 10 and Ubuntu from Windows Store error
Free software to share mouse and keyboard between linux and windows?
How do I disable the screenshot sound?
What is a "Asking for cache data failed" warning?
How can I fix incorrect mp3 duration?
Why did installation of MySQL 5.6 on Ubuntu 14.04 fail?