我想在Digital Ocean下的ubuntu 18上为我的托管设置https,因为它写在这里: https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04
但是我对ufw设置有问题:
# sudo ufw status
Status: inactive
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw allow 'Apache'
Rules updated
Rules updated (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive
root@nsn-do-lamp:/etc/apache2/sites-available# sudo systemctl reload apache2
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw allow 'Apache Full'
Skipping adding existing rule
Skipping adding existing rule (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw delete allow 'Apache'
Rules updated
Rules updated (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive
我看到状态无效。
我试图做:
Available applications:
Apache
Apache Full
Apache Secure
OpenSSH
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw allow 'Apache'
Rules updated
Rules updated (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive
我认为此错误很严重,因此没有继续执行下一个命令。为什么会出错以及如何解决?
已修改的块#2: 我做到了:
# ufw allow 80
Rules updated
Rules updated (v6)
root@nsn-do-lamp:~# sudo ufw app list
Available applications:
Apache
Apache Full
Apache Secure
OpenSSH
root@nsn-do-lamp:~# sudo ufw status
Status: inactive
root@nsn-do-lamp:~# sudo service apache2 restart
root@nsn-do-lamp:~# sudo ufw status
Status: inactive
我也重新启动了操作系统,但是状态仍然是无效的。怎么了? 使用端口443相同。 我检查我的端口:
# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:domain 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp 0 0 localhost.lo:postgresql 0.0.0.0:* LISTEN
tcp 0 0 localhost.localdo:mysql 0.0.0.0:* LISTEN
tcp 0 316 box.example.com:ssh 213.109.234.130:44188 ESTABLISHED
tcp6 0 0 [::]:ssh [::]:* LISTEN
tcp6 0 0 [::]:http [::]:* LISTEN
udp 7680 0 localhost:domain 0.0.0.0:*
udp 2560 0 localhost.localdo:55370 localhost.localdo:55370 ESTABLISHED
raw6 0 0 [::]:ipv6-icmp [::]:* 7
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ] DGRAM 133990 /run/user/0/systemd/notify
unix 2 [ ACC ] SEQPACKET LISTENING 11724 /run/udev/control
unix 2 [ ACC ] STREAM LISTENING 133993 /run/user/0/systemd/private
unix 2 [ ACC ] STREAM LISTENING 133997 /run/user/0/gnupg/S.gpg-agent.extra
unix 2 [ ACC ] STREAM LISTENING 133998 /run/user/0/gnupg/S.gpg-agent.ssh
unix 2 [ ACC ] STREAM LISTENING 133999 /run/user/0/gnupg/S.dirmngr
unix 2 [ ACC ] STREAM LISTENING 134000 /run/user/0/gnupg/S.gpg-agent.browser
unix 2 [ ACC ] STREAM LISTENING 134001 /run/user/0/gnupg/S.gpg-agent
unix 3 [ ] DGRAM 11678 /run/systemd/notify
unix 2 [ ACC ] STREAM LISTENING 11681 /run/systemd/private
unix 2 [ ACC ] STREAM LISTENING 11686 /run/systemd/journal/stdout
unix 9 [ ] DGRAM 11688 /run/systemd/journal/socket
unix 2 [ ACC ] STREAM LISTENING 11722 /run/lvm/lvmetad.socket
unix 2 [ ACC ] STREAM LISTENING 11762 /run/lvm/lvmpolld.socket
unix 2 [ ACC ] STREAM LISTENING 18480 /var/run/postgresql/.s.PGSQL.5432
unix 2 [ ] DGRAM 11995 /run/systemd/journal/syslog
unix 6 [ ] DGRAM 12052 /run/systemd/journal/dev-log
unix 2 [ ACC ] STREAM LISTENING 18571 /var/run/mysqld/mysqld.sock
unix 2 [ ACC ] STREAM LISTENING 15792 /var/lib/lxd/unix.socket
unix 2 [ ACC ] STREAM LISTENING 15805 @ISCSIADM_ABSTRACT_NAMESPACE
unix 2 [ ACC ] STREAM LISTENING 15797 /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 15764 /run/snapd.socket
unix 2 [ ACC ] STREAM LISTENING 15766 /run/snapd-snap.socket
unix 2 [ ACC ] STREAM LISTENING 15785 /run/acpid.socket
unix 2 [ ACC ] STREAM LISTENING 15817 /run/uuidd/request
unix 2 [ ] DGRAM 12404
unix 3 [ ] DGRAM 14820
unix 2 [ ] DGRAM 12660
unix 3 [ ] STREAM CONNECTED 16768
unix 3 [ ] STREAM CONNECTED 15931 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 15800
unix 3 [ ] STREAM CONNECTED 18050 /run/systemd/journal/stdout
unix 2 [ ] DGRAM 14810
unix 3 [ ] DGRAM 14526
unix 3 [ ] DGRAM 14528
unix 3 [ ] DGRAM 133991
unix 3 [ ] STREAM CONNECTED 16814 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 16811 /var/run/dbus/system_bus_socket
unix 3 [ ] DGRAM 14819
unix 3 [ ] DGRAM 14527
unix 2 [ ] DGRAM 133966
unix 3 [ ] DGRAM 12886
unix 3 [ ] DGRAM 12885
unix 3 [ ] DGRAM 14817
unix 2 [ ] DGRAM 14522
unix 3 [ ] STREAM CONNECTED 16812 /var/run/dbus/system_bus_socket
unix 2 [ ] DGRAM 16802
unix 3 [ ] STREAM CONNECTED 17880
unix 3 [ ] STREAM CONNECTED 16809
unix 3 [ ] STREAM CONNECTED 18049
unix 3 [ ] STREAM CONNECTED 16810
unix 3 [ ] STREAM CONNECTED 15799
unix 3 [ ] STREAM CONNECTED 16815 /var/run/dbus/system_bus_socket
unix 3 [ ] DGRAM 133992
unix 3 [ ] STREAM CONNECTED 14392
unix 3 [ ] STREAM CONNECTED 17140 /run/systemd/journal/stdout
unix 2 [ ] DGRAM 15083
unix 3 [ ] STREAM CONNECTED 14393 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 133964 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 17881 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 16775
unix 3 [ ] STREAM CONNECTED 17138
unix 3 [ ] STREAM CONNECTED 133945
unix 3 [ ] DGRAM 14525
unix 2 [ ] DGRAM 17907
unix 2 [ ] DGRAM 133853
unix 3 [ ] STREAM CONNECTED 15929
unix 3 [ ] STREAM CONNECTED 18536 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 16247 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 16246
unix 3 [ ] DGRAM 11680
unix 3 [ ] DGRAM 11679
unix 3 [ ] STREAM CONNECTED 16168
unix 3 [ ] STREAM CONNECTED 16169 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 16406 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 16813 /var/run/dbus/system_bus_socket
unix 3 [ ] DGRAM 14314
unix 3 [ ] STREAM CONNECTED 18535
unix 3 [ ] STREAM CONNECTED 16404
unix 3 [ ] DGRAM 14818
unix 3 [ ] STREAM CONNECTED 15007 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 16728
unix 2 [ ] DGRAM 12850
unix 2 [ ] DGRAM 133953
unix 3 [ ] STREAM CONNECTED 17455
unix 3 [ ] STREAM CONNECTED 15005
unix 3 [ ] STREAM CONNECTED 14720 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 12658
unix 3 [ ] STREAM CONNECTED 13014 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 17460 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 12543
unix 3 [ ] STREAM CONNECTED 16727
unix 3 [ ] STREAM CONNECTED 13016 /run/systemd/journal/stdout
unix 2 [ ] DGRAM 16769
unix 3 [ ] STREAM CONNECTED 16731 /run/systemd/journal/stdout
unix 3 [ ] DGRAM 14315
unix 3 [ ] STREAM CONNECTED 14718
root@nsn-do-lamp:~# netstat --listening
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:domain 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp 0 0 localhost.lo:postgresql 0.0.0.0:* LISTEN
tcp 0 0 localhost.localdo:mysql 0.0.0.0:* LISTEN
tcp6 0 0 [::]:ssh [::]:* LISTEN
tcp6 0 0 [::]:http [::]:* LISTEN
udp 8448 0 localhost:domain 0.0.0.0:*
raw6 0 0 [::]:ipv6-icmp [::]:* 7
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] SEQPACKET LISTENING 11724 /run/udev/control
unix 2 [ ACC ] STREAM LISTENING 133993 /run/user/0/systemd/private
unix 2 [ ACC ] STREAM LISTENING 133997 /run/user/0/gnupg/S.gpg-agent.extra
unix 2 [ ACC ] STREAM LISTENING 133998 /run/user/0/gnupg/S.gpg-agent.ssh
unix 2 [ ACC ] STREAM LISTENING 133999 /run/user/0/gnupg/S.dirmngr
unix 2 [ ACC ] STREAM LISTENING 134000 /run/user/0/gnupg/S.gpg-agent.browser
unix 2 [ ACC ] STREAM LISTENING 134001 /run/user/0/gnupg/S.gpg-agent
unix 2 [ ACC ] STREAM LISTENING 11681 /run/systemd/private
unix 2 [ ACC ] STREAM LISTENING 11686 /run/systemd/journal/stdout
unix 2 [ ACC ] STREAM LISTENING 11722 /run/lvm/lvmetad.socket
unix 2 [ ACC ] STREAM LISTENING 11762 /run/lvm/lvmpolld.socket
unix 2 [ ACC ] STREAM LISTENING 18480 /var/run/postgresql/.s.PGSQL.5432
unix 2 [ ACC ] STREAM LISTENING 18571 /var/run/mysqld/mysqld.sock
unix 2 [ ACC ] STREAM LISTENING 15792 /var/lib/lxd/unix.socket
unix 2 [ ACC ] STREAM LISTENING 15805 @ISCSIADM_ABSTRACT_NAMESPACE
unix 2 [ ACC ] STREAM LISTENING 15797 /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 15764 /run/snapd.socket
unix 2 [ ACC ] STREAM LISTENING 15766 /run/snapd-snap.socket
unix 2 [ ACC ] STREAM LISTENING 15785 /run/acpid.socket
unix 2 [ ACC ] STREAM LISTENING 15817 /run/uuidd/request
谢谢!
答案 0 :(得分:0)
您可以尝试使用命令
启用ufw sudo ufw enable