On Thu, Feb 04, 2021 at 07:40:35AM +0000, Adam wrote: Hi there,
It sounds like something outside of your nginx is preventing the traffic from getting to your nginx. In that case, no nginx config can help you; but there are other things you can perhaps look at. > nginx is running and listening on port 80: > tcp 0 0 0.0.0.0:80 0.0.0.0:* > LISTEN 0 42297 3576/nginx: master > tcp6 0 0 :::80 :::* > LISTEN 0 42298 3576/nginx: master > > The server responds fine to requests on port 443, serving traffic exactly > as expected: > tcp 0 0 0.0.0.0:443 0.0.0.0:* > LISTEN 0 42299 3576/nginx: master > I have been testing by sshing to an external machine and trying telnet > my.host.name 80 - which times out, compared to telnet my.host.name 443, > which connects immediately. Do your nginx logs indicate that the 443 traffic actually gets to this nginx, and not to a random server that allows port-443 connections? Perhaps use "curl" to make a request, and confirm that the response is from this nginx. > The port is open on my router to allow port 80 traffic. This machine is Do you have any local firewall running on the nginx machine that might block or otherwise limit inbound traffic? > hosted on my home network, serving personal traffic (services which I use, > but not for general internet use). It does respond to port 80 internally, > if I use the internal ip address (http://192.168.178.43). If that test is "from the nginx machine itself", then a local firewall probably won't block it. If that test is from another machine on the home network, then a local firewall that only allows same-subnet connections would allow this, but not allow your external test. "iptables -L -v -n" might show things there; or whatever local firewall command your system might use. > I've kind of run out of ideas, so thought I would post here. I would probably try to run "tcpdump" on the nginx server, to see what port-80 traffic that machine sees when the connection is attempted. (And maybe look at what is seen for port-443 traffic as well, for comparison.) Good luck with it, f -- Francis Daly fran...@daoine.org _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
