I have error secure apache on Digital Ocean?









up vote
2
down vote

favorite












I want to set https for my hosting on ubuntu 18 under Digital Ocean as it is written here:
https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04



But I had problems with ufw settuings:



# sudo ufw status
Status: inactive
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw allow 'Apache'
Rules updated
Rules updated (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive
root@nsn-do-lamp:/etc/apache2/sites-available# sudo systemctl reload apache2
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw allow 'Apache Full'
Skipping adding existing rule
Skipping adding existing rule (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw delete allow 'Apache'
Rules updated
Rules updated (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive


I see that status is inactive.



I tried to make :



sudo ufw app list



Available applications:
 Apache
 Apache Full
 Apache Secure
 OpenSSH
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw allow 'Apache'
Rules updated
Rules updated (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive


I think this error is critical and did not proceed with next commands. Why error and how to fix it ?



MODIFIED BLOCK # 2:
I did :



# ufw allow 80
Rules updated
Rules updated (v6)
root@nsn-do-lamp:~# sudo ufw app list
Available applications:
 Apache
 Apache Full
 Apache Secure
 OpenSSH
root@nsn-do-lamp:~# sudo ufw status
Status: inactive
root@nsn-do-lamp:~# sudo service apache2 restart
root@nsn-do-lamp:~# sudo ufw status
Status: inactive


Also I restarted the OS, but status is inactive anyway. What is wrong?
The same using ports 443.
I check my ports :



# netstat -a 
Active Internet connections (servers and established) 
Proto Recv-Q Send-Q Local Address Foreign Address State 
tcp 0 0 localhost:domain 0.0.0.0:* LISTEN 
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 
tcp 0 0 localhost.lo:postgresql 0.0.0.0:* LISTEN 
tcp 0 0 localhost.localdo:mysql 0.0.0.0:* LISTEN 
tcp 0 316 box.example.com:ssh 213.109.234.130:44188 ESTABLISHED 
tcp6 0 0 [::]:ssh [::]:* LISTEN 
tcp6 0 0 [::]:http [::]:* LISTEN 
udp 7680 0 localhost:domain 0.0.0.0:* 
udp 2560 0 localhost.localdo:55370 localhost.localdo:55370 ESTABLISHED 
raw6 0 0 [::]:ipv6-icmp [::]:* 7 
Active UNIX domain sockets (servers and established) 
Proto RefCnt Flags Type State I-Node Path 
unix 2 [ ] DGRAM 133990 /run/user/0/systemd/notify 
unix 2 [ ACC ] SEQPACKET LISTENING 11724 /run/udev/control 
unix 2 [ ACC ] STREAM LISTENING 133993 /run/user/0/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 133997 /run/user/0/gnupg/S.gpg-agent.extra 
unix 2 [ ACC ] STREAM LISTENING 133998 /run/user/0/gnupg/S.gpg-agent.ssh 
unix 2 [ ACC ] STREAM LISTENING 133999 /run/user/0/gnupg/S.dirmngr 
unix 2 [ ACC ] STREAM LISTENING 134000 /run/user/0/gnupg/S.gpg-agent.browser 
unix 2 [ ACC ] STREAM LISTENING 134001 /run/user/0/gnupg/S.gpg-agent 
unix 3 [ ] DGRAM 11678 /run/systemd/notify 
unix 2 [ ACC ] STREAM LISTENING 11681 /run/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 11686 /run/systemd/journal/stdout 
unix 9 [ ] DGRAM 11688 /run/systemd/journal/socket 
unix 2 [ ACC ] STREAM LISTENING 11722 /run/lvm/lvmetad.socket 
unix 2 [ ACC ] STREAM LISTENING 11762 /run/lvm/lvmpolld.socket 
unix 2 [ ACC ] STREAM LISTENING 18480 /var/run/postgresql/.s.PGSQL.5432 
unix 2 [ ] DGRAM 11995 /run/systemd/journal/syslog 
unix 6 [ ] DGRAM 12052 /run/systemd/journal/dev-log 
unix 2 [ ACC ] STREAM LISTENING 18571 /var/run/mysqld/mysqld.sock 
unix 2 [ ACC ] STREAM LISTENING 15792 /var/lib/lxd/unix.socket 
unix 2 [ ACC ] STREAM LISTENING 15805 @ISCSIADM_ABSTRACT_NAMESPACE 
unix 2 [ ACC ] STREAM LISTENING 15797 /var/run/dbus/system_bus_socket 
unix 2 [ ACC ] STREAM LISTENING 15764 /run/snapd.socket 
unix 2 [ ACC ] STREAM LISTENING 15766 /run/snapd-snap.socket 
unix 2 [ ACC ] STREAM LISTENING 15785 /run/acpid.socket 
unix 2 [ ACC ] STREAM LISTENING 15817 /run/uuidd/request 
unix 2 [ ] DGRAM 12404 
unix 3 [ ] DGRAM 14820 
unix 2 [ ] DGRAM 12660 
unix 3 [ ] STREAM CONNECTED 16768 
unix 3 [ ] STREAM CONNECTED 15931 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 15800 
unix 3 [ ] STREAM CONNECTED 18050 /run/systemd/journal/stdout 
unix 2 [ ] DGRAM 14810 
unix 3 [ ] DGRAM 14526 
unix 3 [ ] DGRAM 14528 
unix 3 [ ] DGRAM 133991 
unix 3 [ ] STREAM CONNECTED 16814 /var/run/dbus/system_bus_socket 
unix 3 [ ] STREAM CONNECTED 16811 /var/run/dbus/system_bus_socket 
unix 3 [ ] DGRAM 14819 
unix 3 [ ] DGRAM 14527 
unix 2 [ ] DGRAM 133966 
unix 3 [ ] DGRAM 12886 
unix 3 [ ] DGRAM 12885 
unix 3 [ ] DGRAM 14817 
unix 2 [ ] DGRAM 14522 
unix 3 [ ] STREAM CONNECTED 16812 /var/run/dbus/system_bus_socket 
unix 2 [ ] DGRAM 16802 
unix 3 [ ] STREAM CONNECTED 17880 
unix 3 [ ] STREAM CONNECTED 16809 
unix 3 [ ] STREAM CONNECTED 18049 
unix 3 [ ] STREAM CONNECTED 16810 
unix 3 [ ] STREAM CONNECTED 15799 
unix 3 [ ] STREAM CONNECTED 16815 /var/run/dbus/system_bus_socket 
unix 3 [ ] DGRAM 133992 
unix 3 [ ] STREAM CONNECTED 14392 
unix 3 [ ] STREAM CONNECTED 17140 /run/systemd/journal/stdout 
unix 2 [ ] DGRAM 15083 
unix 3 [ ] STREAM CONNECTED 14393 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 133964 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 17881 /var/run/dbus/system_bus_socket 
unix 3 [ ] STREAM CONNECTED 16775 
unix 3 [ ] STREAM CONNECTED 17138 
unix 3 [ ] STREAM CONNECTED 133945 
unix 3 [ ] DGRAM 14525 
unix 2 [ ] DGRAM 17907 
unix 2 [ ] DGRAM 133853 
unix 3 [ ] STREAM CONNECTED 15929 
unix 3 [ ] STREAM CONNECTED 18536 /var/run/dbus/system_bus_socket 
unix 3 [ ] STREAM CONNECTED 16247 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16246 
unix 3 [ ] DGRAM 11680 
unix 3 [ ] DGRAM 11679 
unix 3 [ ] STREAM CONNECTED 16168 
unix 3 [ ] STREAM CONNECTED 16169 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16406 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16813 /var/run/dbus/system_bus_socket 
unix 3 [ ] DGRAM 14314 
unix 3 [ ] STREAM CONNECTED 18535 
unix 3 [ ] STREAM CONNECTED 16404 
unix 3 [ ] DGRAM 14818 
unix 3 [ ] STREAM CONNECTED 15007 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16728 
unix 2 [ ] DGRAM 12850 
unix 2 [ ] DGRAM 133953 
unix 3 [ ] STREAM CONNECTED 17455 
unix 3 [ ] STREAM CONNECTED 15005 
unix 3 [ ] STREAM CONNECTED 14720 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 12658 
unix 3 [ ] STREAM CONNECTED 13014 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 17460 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 12543 
unix 3 [ ] STREAM CONNECTED 16727 
unix 3 [ ] STREAM CONNECTED 13016 /run/systemd/journal/stdout 
unix 2 [ ] DGRAM 16769 
unix 3 [ ] STREAM CONNECTED 16731 /run/systemd/journal/stdout 
unix 3 [ ] DGRAM 14315 
unix 3 [ ] STREAM CONNECTED 14718 
root@nsn-do-lamp:~# netstat --listening 
Active Internet connections (only servers) 
Proto Recv-Q Send-Q Local Address Foreign Address State 
tcp 0 0 localhost:domain 0.0.0.0:* LISTEN 
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 
tcp 0 0 localhost.lo:postgresql 0.0.0.0:* LISTEN 
tcp 0 0 localhost.localdo:mysql 0.0.0.0:* LISTEN 
tcp6 0 0 [::]:ssh [::]:* LISTEN 
tcp6 0 0 [::]:http [::]:* LISTEN 
udp 8448 0 localhost:domain 0.0.0.0:* 
raw6 0 0 [::]:ipv6-icmp [::]:* 7 
Active UNIX domain sockets (only servers) 
Proto RefCnt Flags Type State I-Node Path 
unix 2 [ ACC ] SEQPACKET LISTENING 11724 /run/udev/control 
unix 2 [ ACC ] STREAM LISTENING 133993 /run/user/0/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 133997 /run/user/0/gnupg/S.gpg-agent.extra 
unix 2 [ ACC ] STREAM LISTENING 133998 /run/user/0/gnupg/S.gpg-agent.ssh 
unix 2 [ ACC ] STREAM LISTENING 133999 /run/user/0/gnupg/S.dirmngr 
unix 2 [ ACC ] STREAM LISTENING 134000 /run/user/0/gnupg/S.gpg-agent.browser 
unix 2 [ ACC ] STREAM LISTENING 134001 /run/user/0/gnupg/S.gpg-agent 
unix 2 [ ACC ] STREAM LISTENING 11681 /run/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 11686 /run/systemd/journal/stdout 
unix 2 [ ACC ] STREAM LISTENING 11722 /run/lvm/lvmetad.socket 
unix 2 [ ACC ] STREAM LISTENING 11762 /run/lvm/lvmpolld.socket 
unix 2 [ ACC ] STREAM LISTENING 18480 /var/run/postgresql/.s.PGSQL.5432 
unix 2 [ ACC ] STREAM LISTENING 18571 /var/run/mysqld/mysqld.sock 
unix 2 [ ACC ] STREAM LISTENING 15792 /var/lib/lxd/unix.socket 
unix 2 [ ACC ] STREAM LISTENING 15805 @ISCSIADM_ABSTRACT_NAMESPACE 
unix 2 [ ACC ] STREAM LISTENING 15797 /var/run/dbus/system_bus_socket 
unix 2 [ ACC ] STREAM LISTENING 15764 /run/snapd.socket 
unix 2 [ ACC ] STREAM LISTENING 15766 /run/snapd-snap.socket 
unix 2 [ ACC ] STREAM LISTENING 15785 /run/acpid.socket 
unix 2 [ ACC ] STREAM LISTENING 15817 /run/uuidd/request


Thanks!






ubuntu ssl-certificate digital-ocean







share|improve this question























  • Try sudo ufw status numbered to see what you already have. FWIW I don't do protocols with UFW or application names/profiles, I specify ports - ufw allow 443 or ufw allow 80
    – ivanivan
    Nov 8 at 15:12











  • Thank you for your feedback. Please look at MODIFIED BLOCK # 2
    – Ivan
    Nov 9 at 7:12














up vote
2
down vote

favorite












I want to set https for my hosting on ubuntu 18 under Digital Ocean as it is written here:
https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04



But I had problems with ufw settuings:



# sudo ufw status
Status: inactive
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw allow 'Apache'
Rules updated
Rules updated (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive
root@nsn-do-lamp:/etc/apache2/sites-available# sudo systemctl reload apache2
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw allow 'Apache Full'
Skipping adding existing rule
Skipping adding existing rule (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw delete allow 'Apache'
Rules updated
Rules updated (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive


I see that status is inactive.



I tried to make :



sudo ufw app list



Available applications:
 Apache
 Apache Full
 Apache Secure
 OpenSSH
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw allow 'Apache'
Rules updated
Rules updated (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive


I think this error is critical and did not proceed with next commands. Why error and how to fix it ?



MODIFIED BLOCK # 2:
I did :



# ufw allow 80
Rules updated
Rules updated (v6)
root@nsn-do-lamp:~# sudo ufw app list
Available applications:
 Apache
 Apache Full
 Apache Secure
 OpenSSH
root@nsn-do-lamp:~# sudo ufw status
Status: inactive
root@nsn-do-lamp:~# sudo service apache2 restart
root@nsn-do-lamp:~# sudo ufw status
Status: inactive


Also I restarted the OS, but status is inactive anyway. What is wrong?
The same using ports 443.
I check my ports :



# netstat -a 
Active Internet connections (servers and established) 
Proto Recv-Q Send-Q Local Address Foreign Address State 
tcp 0 0 localhost:domain 0.0.0.0:* LISTEN 
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 
tcp 0 0 localhost.lo:postgresql 0.0.0.0:* LISTEN 
tcp 0 0 localhost.localdo:mysql 0.0.0.0:* LISTEN 
tcp 0 316 box.example.com:ssh 213.109.234.130:44188 ESTABLISHED 
tcp6 0 0 [::]:ssh [::]:* LISTEN 
tcp6 0 0 [::]:http [::]:* LISTEN 
udp 7680 0 localhost:domain 0.0.0.0:* 
udp 2560 0 localhost.localdo:55370 localhost.localdo:55370 ESTABLISHED 
raw6 0 0 [::]:ipv6-icmp [::]:* 7 
Active UNIX domain sockets (servers and established) 
Proto RefCnt Flags Type State I-Node Path 
unix 2 [ ] DGRAM 133990 /run/user/0/systemd/notify 
unix 2 [ ACC ] SEQPACKET LISTENING 11724 /run/udev/control 
unix 2 [ ACC ] STREAM LISTENING 133993 /run/user/0/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 133997 /run/user/0/gnupg/S.gpg-agent.extra 
unix 2 [ ACC ] STREAM LISTENING 133998 /run/user/0/gnupg/S.gpg-agent.ssh 
unix 2 [ ACC ] STREAM LISTENING 133999 /run/user/0/gnupg/S.dirmngr 
unix 2 [ ACC ] STREAM LISTENING 134000 /run/user/0/gnupg/S.gpg-agent.browser 
unix 2 [ ACC ] STREAM LISTENING 134001 /run/user/0/gnupg/S.gpg-agent 
unix 3 [ ] DGRAM 11678 /run/systemd/notify 
unix 2 [ ACC ] STREAM LISTENING 11681 /run/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 11686 /run/systemd/journal/stdout 
unix 9 [ ] DGRAM 11688 /run/systemd/journal/socket 
unix 2 [ ACC ] STREAM LISTENING 11722 /run/lvm/lvmetad.socket 
unix 2 [ ACC ] STREAM LISTENING 11762 /run/lvm/lvmpolld.socket 
unix 2 [ ACC ] STREAM LISTENING 18480 /var/run/postgresql/.s.PGSQL.5432 
unix 2 [ ] DGRAM 11995 /run/systemd/journal/syslog 
unix 6 [ ] DGRAM 12052 /run/systemd/journal/dev-log 
unix 2 [ ACC ] STREAM LISTENING 18571 /var/run/mysqld/mysqld.sock 
unix 2 [ ACC ] STREAM LISTENING 15792 /var/lib/lxd/unix.socket 
unix 2 [ ACC ] STREAM LISTENING 15805 @ISCSIADM_ABSTRACT_NAMESPACE 
unix 2 [ ACC ] STREAM LISTENING 15797 /var/run/dbus/system_bus_socket 
unix 2 [ ACC ] STREAM LISTENING 15764 /run/snapd.socket 
unix 2 [ ACC ] STREAM LISTENING 15766 /run/snapd-snap.socket 
unix 2 [ ACC ] STREAM LISTENING 15785 /run/acpid.socket 
unix 2 [ ACC ] STREAM LISTENING 15817 /run/uuidd/request 
unix 2 [ ] DGRAM 12404 
unix 3 [ ] DGRAM 14820 
unix 2 [ ] DGRAM 12660 
unix 3 [ ] STREAM CONNECTED 16768 
unix 3 [ ] STREAM CONNECTED 15931 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 15800 
unix 3 [ ] STREAM CONNECTED 18050 /run/systemd/journal/stdout 
unix 2 [ ] DGRAM 14810 
unix 3 [ ] DGRAM 14526 
unix 3 [ ] DGRAM 14528 
unix 3 [ ] DGRAM 133991 
unix 3 [ ] STREAM CONNECTED 16814 /var/run/dbus/system_bus_socket 
unix 3 [ ] STREAM CONNECTED 16811 /var/run/dbus/system_bus_socket 
unix 3 [ ] DGRAM 14819 
unix 3 [ ] DGRAM 14527 
unix 2 [ ] DGRAM 133966 
unix 3 [ ] DGRAM 12886 
unix 3 [ ] DGRAM 12885 
unix 3 [ ] DGRAM 14817 
unix 2 [ ] DGRAM 14522 
unix 3 [ ] STREAM CONNECTED 16812 /var/run/dbus/system_bus_socket 
unix 2 [ ] DGRAM 16802 
unix 3 [ ] STREAM CONNECTED 17880 
unix 3 [ ] STREAM CONNECTED 16809 
unix 3 [ ] STREAM CONNECTED 18049 
unix 3 [ ] STREAM CONNECTED 16810 
unix 3 [ ] STREAM CONNECTED 15799 
unix 3 [ ] STREAM CONNECTED 16815 /var/run/dbus/system_bus_socket 
unix 3 [ ] DGRAM 133992 
unix 3 [ ] STREAM CONNECTED 14392 
unix 3 [ ] STREAM CONNECTED 17140 /run/systemd/journal/stdout 
unix 2 [ ] DGRAM 15083 
unix 3 [ ] STREAM CONNECTED 14393 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 133964 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 17881 /var/run/dbus/system_bus_socket 
unix 3 [ ] STREAM CONNECTED 16775 
unix 3 [ ] STREAM CONNECTED 17138 
unix 3 [ ] STREAM CONNECTED 133945 
unix 3 [ ] DGRAM 14525 
unix 2 [ ] DGRAM 17907 
unix 2 [ ] DGRAM 133853 
unix 3 [ ] STREAM CONNECTED 15929 
unix 3 [ ] STREAM CONNECTED 18536 /var/run/dbus/system_bus_socket 
unix 3 [ ] STREAM CONNECTED 16247 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16246 
unix 3 [ ] DGRAM 11680 
unix 3 [ ] DGRAM 11679 
unix 3 [ ] STREAM CONNECTED 16168 
unix 3 [ ] STREAM CONNECTED 16169 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16406 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16813 /var/run/dbus/system_bus_socket 
unix 3 [ ] DGRAM 14314 
unix 3 [ ] STREAM CONNECTED 18535 
unix 3 [ ] STREAM CONNECTED 16404 
unix 3 [ ] DGRAM 14818 
unix 3 [ ] STREAM CONNECTED 15007 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16728 
unix 2 [ ] DGRAM 12850 
unix 2 [ ] DGRAM 133953 
unix 3 [ ] STREAM CONNECTED 17455 
unix 3 [ ] STREAM CONNECTED 15005 
unix 3 [ ] STREAM CONNECTED 14720 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 12658 
unix 3 [ ] STREAM CONNECTED 13014 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 17460 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 12543 
unix 3 [ ] STREAM CONNECTED 16727 
unix 3 [ ] STREAM CONNECTED 13016 /run/systemd/journal/stdout 
unix 2 [ ] DGRAM 16769 
unix 3 [ ] STREAM CONNECTED 16731 /run/systemd/journal/stdout 
unix 3 [ ] DGRAM 14315 
unix 3 [ ] STREAM CONNECTED 14718 
root@nsn-do-lamp:~# netstat --listening 
Active Internet connections (only servers) 
Proto Recv-Q Send-Q Local Address Foreign Address State 
tcp 0 0 localhost:domain 0.0.0.0:* LISTEN 
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 
tcp 0 0 localhost.lo:postgresql 0.0.0.0:* LISTEN 
tcp 0 0 localhost.localdo:mysql 0.0.0.0:* LISTEN 
tcp6 0 0 [::]:ssh [::]:* LISTEN 
tcp6 0 0 [::]:http [::]:* LISTEN 
udp 8448 0 localhost:domain 0.0.0.0:* 
raw6 0 0 [::]:ipv6-icmp [::]:* 7 
Active UNIX domain sockets (only servers) 
Proto RefCnt Flags Type State I-Node Path 
unix 2 [ ACC ] SEQPACKET LISTENING 11724 /run/udev/control 
unix 2 [ ACC ] STREAM LISTENING 133993 /run/user/0/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 133997 /run/user/0/gnupg/S.gpg-agent.extra 
unix 2 [ ACC ] STREAM LISTENING 133998 /run/user/0/gnupg/S.gpg-agent.ssh 
unix 2 [ ACC ] STREAM LISTENING 133999 /run/user/0/gnupg/S.dirmngr 
unix 2 [ ACC ] STREAM LISTENING 134000 /run/user/0/gnupg/S.gpg-agent.browser 
unix 2 [ ACC ] STREAM LISTENING 134001 /run/user/0/gnupg/S.gpg-agent 
unix 2 [ ACC ] STREAM LISTENING 11681 /run/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 11686 /run/systemd/journal/stdout 
unix 2 [ ACC ] STREAM LISTENING 11722 /run/lvm/lvmetad.socket 
unix 2 [ ACC ] STREAM LISTENING 11762 /run/lvm/lvmpolld.socket 
unix 2 [ ACC ] STREAM LISTENING 18480 /var/run/postgresql/.s.PGSQL.5432 
unix 2 [ ACC ] STREAM LISTENING 18571 /var/run/mysqld/mysqld.sock 
unix 2 [ ACC ] STREAM LISTENING 15792 /var/lib/lxd/unix.socket 
unix 2 [ ACC ] STREAM LISTENING 15805 @ISCSIADM_ABSTRACT_NAMESPACE 
unix 2 [ ACC ] STREAM LISTENING 15797 /var/run/dbus/system_bus_socket 
unix 2 [ ACC ] STREAM LISTENING 15764 /run/snapd.socket 
unix 2 [ ACC ] STREAM LISTENING 15766 /run/snapd-snap.socket 
unix 2 [ ACC ] STREAM LISTENING 15785 /run/acpid.socket 
unix 2 [ ACC ] STREAM LISTENING 15817 /run/uuidd/request


Thanks!






ubuntu ssl-certificate digital-ocean







share|improve this question























  • Try sudo ufw status numbered to see what you already have. FWIW I don't do protocols with UFW or application names/profiles, I specify ports - ufw allow 443 or ufw allow 80
    – ivanivan
    Nov 8 at 15:12











  • Thank you for your feedback. Please look at MODIFIED BLOCK # 2
    – Ivan
    Nov 9 at 7:12












up vote
2
down vote

favorite









up vote
2
down vote

favorite











I want to set https for my hosting on ubuntu 18 under Digital Ocean as it is written here:
https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04



But I had problems with ufw settuings:



# sudo ufw status
Status: inactive
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw allow 'Apache'
Rules updated
Rules updated (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive
root@nsn-do-lamp:/etc/apache2/sites-available# sudo systemctl reload apache2
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw allow 'Apache Full'
Skipping adding existing rule
Skipping adding existing rule (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw delete allow 'Apache'
Rules updated
Rules updated (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive


I see that status is inactive.



I tried to make :



sudo ufw app list



Available applications:
 Apache
 Apache Full
 Apache Secure
 OpenSSH
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw allow 'Apache'
Rules updated
Rules updated (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive


I think this error is critical and did not proceed with next commands. Why error and how to fix it ?



MODIFIED BLOCK # 2:
I did :



# ufw allow 80
Rules updated
Rules updated (v6)
root@nsn-do-lamp:~# sudo ufw app list
Available applications:
 Apache
 Apache Full
 Apache Secure
 OpenSSH
root@nsn-do-lamp:~# sudo ufw status
Status: inactive
root@nsn-do-lamp:~# sudo service apache2 restart
root@nsn-do-lamp:~# sudo ufw status
Status: inactive


Also I restarted the OS, but status is inactive anyway. What is wrong?
The same using ports 443.
I check my ports :



# netstat -a 
Active Internet connections (servers and established) 
Proto Recv-Q Send-Q Local Address Foreign Address State 
tcp 0 0 localhost:domain 0.0.0.0:* LISTEN 
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 
tcp 0 0 localhost.lo:postgresql 0.0.0.0:* LISTEN 
tcp 0 0 localhost.localdo:mysql 0.0.0.0:* LISTEN 
tcp 0 316 box.example.com:ssh 213.109.234.130:44188 ESTABLISHED 
tcp6 0 0 [::]:ssh [::]:* LISTEN 
tcp6 0 0 [::]:http [::]:* LISTEN 
udp 7680 0 localhost:domain 0.0.0.0:* 
udp 2560 0 localhost.localdo:55370 localhost.localdo:55370 ESTABLISHED 
raw6 0 0 [::]:ipv6-icmp [::]:* 7 
Active UNIX domain sockets (servers and established) 
Proto RefCnt Flags Type State I-Node Path 
unix 2 [ ] DGRAM 133990 /run/user/0/systemd/notify 
unix 2 [ ACC ] SEQPACKET LISTENING 11724 /run/udev/control 
unix 2 [ ACC ] STREAM LISTENING 133993 /run/user/0/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 133997 /run/user/0/gnupg/S.gpg-agent.extra 
unix 2 [ ACC ] STREAM LISTENING 133998 /run/user/0/gnupg/S.gpg-agent.ssh 
unix 2 [ ACC ] STREAM LISTENING 133999 /run/user/0/gnupg/S.dirmngr 
unix 2 [ ACC ] STREAM LISTENING 134000 /run/user/0/gnupg/S.gpg-agent.browser 
unix 2 [ ACC ] STREAM LISTENING 134001 /run/user/0/gnupg/S.gpg-agent 
unix 3 [ ] DGRAM 11678 /run/systemd/notify 
unix 2 [ ACC ] STREAM LISTENING 11681 /run/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 11686 /run/systemd/journal/stdout 
unix 9 [ ] DGRAM 11688 /run/systemd/journal/socket 
unix 2 [ ACC ] STREAM LISTENING 11722 /run/lvm/lvmetad.socket 
unix 2 [ ACC ] STREAM LISTENING 11762 /run/lvm/lvmpolld.socket 
unix 2 [ ACC ] STREAM LISTENING 18480 /var/run/postgresql/.s.PGSQL.5432 
unix 2 [ ] DGRAM 11995 /run/systemd/journal/syslog 
unix 6 [ ] DGRAM 12052 /run/systemd/journal/dev-log 
unix 2 [ ACC ] STREAM LISTENING 18571 /var/run/mysqld/mysqld.sock 
unix 2 [ ACC ] STREAM LISTENING 15792 /var/lib/lxd/unix.socket 
unix 2 [ ACC ] STREAM LISTENING 15805 @ISCSIADM_ABSTRACT_NAMESPACE 
unix 2 [ ACC ] STREAM LISTENING 15797 /var/run/dbus/system_bus_socket 
unix 2 [ ACC ] STREAM LISTENING 15764 /run/snapd.socket 
unix 2 [ ACC ] STREAM LISTENING 15766 /run/snapd-snap.socket 
unix 2 [ ACC ] STREAM LISTENING 15785 /run/acpid.socket 
unix 2 [ ACC ] STREAM LISTENING 15817 /run/uuidd/request 
unix 2 [ ] DGRAM 12404 
unix 3 [ ] DGRAM 14820 
unix 2 [ ] DGRAM 12660 
unix 3 [ ] STREAM CONNECTED 16768 
unix 3 [ ] STREAM CONNECTED 15931 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 15800 
unix 3 [ ] STREAM CONNECTED 18050 /run/systemd/journal/stdout 
unix 2 [ ] DGRAM 14810 
unix 3 [ ] DGRAM 14526 
unix 3 [ ] DGRAM 14528 
unix 3 [ ] DGRAM 133991 
unix 3 [ ] STREAM CONNECTED 16814 /var/run/dbus/system_bus_socket 
unix 3 [ ] STREAM CONNECTED 16811 /var/run/dbus/system_bus_socket 
unix 3 [ ] DGRAM 14819 
unix 3 [ ] DGRAM 14527 
unix 2 [ ] DGRAM 133966 
unix 3 [ ] DGRAM 12886 
unix 3 [ ] DGRAM 12885 
unix 3 [ ] DGRAM 14817 
unix 2 [ ] DGRAM 14522 
unix 3 [ ] STREAM CONNECTED 16812 /var/run/dbus/system_bus_socket 
unix 2 [ ] DGRAM 16802 
unix 3 [ ] STREAM CONNECTED 17880 
unix 3 [ ] STREAM CONNECTED 16809 
unix 3 [ ] STREAM CONNECTED 18049 
unix 3 [ ] STREAM CONNECTED 16810 
unix 3 [ ] STREAM CONNECTED 15799 
unix 3 [ ] STREAM CONNECTED 16815 /var/run/dbus/system_bus_socket 
unix 3 [ ] DGRAM 133992 
unix 3 [ ] STREAM CONNECTED 14392 
unix 3 [ ] STREAM CONNECTED 17140 /run/systemd/journal/stdout 
unix 2 [ ] DGRAM 15083 
unix 3 [ ] STREAM CONNECTED 14393 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 133964 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 17881 /var/run/dbus/system_bus_socket 
unix 3 [ ] STREAM CONNECTED 16775 
unix 3 [ ] STREAM CONNECTED 17138 
unix 3 [ ] STREAM CONNECTED 133945 
unix 3 [ ] DGRAM 14525 
unix 2 [ ] DGRAM 17907 
unix 2 [ ] DGRAM 133853 
unix 3 [ ] STREAM CONNECTED 15929 
unix 3 [ ] STREAM CONNECTED 18536 /var/run/dbus/system_bus_socket 
unix 3 [ ] STREAM CONNECTED 16247 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16246 
unix 3 [ ] DGRAM 11680 
unix 3 [ ] DGRAM 11679 
unix 3 [ ] STREAM CONNECTED 16168 
unix 3 [ ] STREAM CONNECTED 16169 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16406 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16813 /var/run/dbus/system_bus_socket 
unix 3 [ ] DGRAM 14314 
unix 3 [ ] STREAM CONNECTED 18535 
unix 3 [ ] STREAM CONNECTED 16404 
unix 3 [ ] DGRAM 14818 
unix 3 [ ] STREAM CONNECTED 15007 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16728 
unix 2 [ ] DGRAM 12850 
unix 2 [ ] DGRAM 133953 
unix 3 [ ] STREAM CONNECTED 17455 
unix 3 [ ] STREAM CONNECTED 15005 
unix 3 [ ] STREAM CONNECTED 14720 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 12658 
unix 3 [ ] STREAM CONNECTED 13014 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 17460 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 12543 
unix 3 [ ] STREAM CONNECTED 16727 
unix 3 [ ] STREAM CONNECTED 13016 /run/systemd/journal/stdout 
unix 2 [ ] DGRAM 16769 
unix 3 [ ] STREAM CONNECTED 16731 /run/systemd/journal/stdout 
unix 3 [ ] DGRAM 14315 
unix 3 [ ] STREAM CONNECTED 14718 
root@nsn-do-lamp:~# netstat --listening 
Active Internet connections (only servers) 
Proto Recv-Q Send-Q Local Address Foreign Address State 
tcp 0 0 localhost:domain 0.0.0.0:* LISTEN 
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 
tcp 0 0 localhost.lo:postgresql 0.0.0.0:* LISTEN 
tcp 0 0 localhost.localdo:mysql 0.0.0.0:* LISTEN 
tcp6 0 0 [::]:ssh [::]:* LISTEN 
tcp6 0 0 [::]:http [::]:* LISTEN 
udp 8448 0 localhost:domain 0.0.0.0:* 
raw6 0 0 [::]:ipv6-icmp [::]:* 7 
Active UNIX domain sockets (only servers) 
Proto RefCnt Flags Type State I-Node Path 
unix 2 [ ACC ] SEQPACKET LISTENING 11724 /run/udev/control 
unix 2 [ ACC ] STREAM LISTENING 133993 /run/user/0/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 133997 /run/user/0/gnupg/S.gpg-agent.extra 
unix 2 [ ACC ] STREAM LISTENING 133998 /run/user/0/gnupg/S.gpg-agent.ssh 
unix 2 [ ACC ] STREAM LISTENING 133999 /run/user/0/gnupg/S.dirmngr 
unix 2 [ ACC ] STREAM LISTENING 134000 /run/user/0/gnupg/S.gpg-agent.browser 
unix 2 [ ACC ] STREAM LISTENING 134001 /run/user/0/gnupg/S.gpg-agent 
unix 2 [ ACC ] STREAM LISTENING 11681 /run/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 11686 /run/systemd/journal/stdout 
unix 2 [ ACC ] STREAM LISTENING 11722 /run/lvm/lvmetad.socket 
unix 2 [ ACC ] STREAM LISTENING 11762 /run/lvm/lvmpolld.socket 
unix 2 [ ACC ] STREAM LISTENING 18480 /var/run/postgresql/.s.PGSQL.5432 
unix 2 [ ACC ] STREAM LISTENING 18571 /var/run/mysqld/mysqld.sock 
unix 2 [ ACC ] STREAM LISTENING 15792 /var/lib/lxd/unix.socket 
unix 2 [ ACC ] STREAM LISTENING 15805 @ISCSIADM_ABSTRACT_NAMESPACE 
unix 2 [ ACC ] STREAM LISTENING 15797 /var/run/dbus/system_bus_socket 
unix 2 [ ACC ] STREAM LISTENING 15764 /run/snapd.socket 
unix 2 [ ACC ] STREAM LISTENING 15766 /run/snapd-snap.socket 
unix 2 [ ACC ] STREAM LISTENING 15785 /run/acpid.socket 
unix 2 [ ACC ] STREAM LISTENING 15817 /run/uuidd/request


Thanks!






ubuntu ssl-certificate digital-ocean







share|improve this question















I want to set https for my hosting on ubuntu 18 under Digital Ocean as it is written here:
https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04



But I had problems with ufw settuings:



# sudo ufw status
Status: inactive
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw allow 'Apache'
Rules updated
Rules updated (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive
root@nsn-do-lamp:/etc/apache2/sites-available# sudo systemctl reload apache2
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw allow 'Apache Full'
Skipping adding existing rule
Skipping adding existing rule (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw delete allow 'Apache'
Rules updated
Rules updated (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive


I see that status is inactive.



I tried to make :



sudo ufw app list



Available applications:
 Apache
 Apache Full
 Apache Secure
 OpenSSH
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw allow 'Apache'
Rules updated
Rules updated (v6)
root@nsn-do-lamp:/etc/apache2/sites-available# sudo ufw status
Status: inactive


I think this error is critical and did not proceed with next commands. Why error and how to fix it ?



MODIFIED BLOCK # 2:
I did :



# ufw allow 80
Rules updated
Rules updated (v6)
root@nsn-do-lamp:~# sudo ufw app list
Available applications:
 Apache
 Apache Full
 Apache Secure
 OpenSSH
root@nsn-do-lamp:~# sudo ufw status
Status: inactive
root@nsn-do-lamp:~# sudo service apache2 restart
root@nsn-do-lamp:~# sudo ufw status
Status: inactive


Also I restarted the OS, but status is inactive anyway. What is wrong?
The same using ports 443.
I check my ports :



# netstat -a 
Active Internet connections (servers and established) 
Proto Recv-Q Send-Q Local Address Foreign Address State 
tcp 0 0 localhost:domain 0.0.0.0:* LISTEN 
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 
tcp 0 0 localhost.lo:postgresql 0.0.0.0:* LISTEN 
tcp 0 0 localhost.localdo:mysql 0.0.0.0:* LISTEN 
tcp 0 316 box.example.com:ssh 213.109.234.130:44188 ESTABLISHED 
tcp6 0 0 [::]:ssh [::]:* LISTEN 
tcp6 0 0 [::]:http [::]:* LISTEN 
udp 7680 0 localhost:domain 0.0.0.0:* 
udp 2560 0 localhost.localdo:55370 localhost.localdo:55370 ESTABLISHED 
raw6 0 0 [::]:ipv6-icmp [::]:* 7 
Active UNIX domain sockets (servers and established) 
Proto RefCnt Flags Type State I-Node Path 
unix 2 [ ] DGRAM 133990 /run/user/0/systemd/notify 
unix 2 [ ACC ] SEQPACKET LISTENING 11724 /run/udev/control 
unix 2 [ ACC ] STREAM LISTENING 133993 /run/user/0/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 133997 /run/user/0/gnupg/S.gpg-agent.extra 
unix 2 [ ACC ] STREAM LISTENING 133998 /run/user/0/gnupg/S.gpg-agent.ssh 
unix 2 [ ACC ] STREAM LISTENING 133999 /run/user/0/gnupg/S.dirmngr 
unix 2 [ ACC ] STREAM LISTENING 134000 /run/user/0/gnupg/S.gpg-agent.browser 
unix 2 [ ACC ] STREAM LISTENING 134001 /run/user/0/gnupg/S.gpg-agent 
unix 3 [ ] DGRAM 11678 /run/systemd/notify 
unix 2 [ ACC ] STREAM LISTENING 11681 /run/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 11686 /run/systemd/journal/stdout 
unix 9 [ ] DGRAM 11688 /run/systemd/journal/socket 
unix 2 [ ACC ] STREAM LISTENING 11722 /run/lvm/lvmetad.socket 
unix 2 [ ACC ] STREAM LISTENING 11762 /run/lvm/lvmpolld.socket 
unix 2 [ ACC ] STREAM LISTENING 18480 /var/run/postgresql/.s.PGSQL.5432 
unix 2 [ ] DGRAM 11995 /run/systemd/journal/syslog 
unix 6 [ ] DGRAM 12052 /run/systemd/journal/dev-log 
unix 2 [ ACC ] STREAM LISTENING 18571 /var/run/mysqld/mysqld.sock 
unix 2 [ ACC ] STREAM LISTENING 15792 /var/lib/lxd/unix.socket 
unix 2 [ ACC ] STREAM LISTENING 15805 @ISCSIADM_ABSTRACT_NAMESPACE 
unix 2 [ ACC ] STREAM LISTENING 15797 /var/run/dbus/system_bus_socket 
unix 2 [ ACC ] STREAM LISTENING 15764 /run/snapd.socket 
unix 2 [ ACC ] STREAM LISTENING 15766 /run/snapd-snap.socket 
unix 2 [ ACC ] STREAM LISTENING 15785 /run/acpid.socket 
unix 2 [ ACC ] STREAM LISTENING 15817 /run/uuidd/request 
unix 2 [ ] DGRAM 12404 
unix 3 [ ] DGRAM 14820 
unix 2 [ ] DGRAM 12660 
unix 3 [ ] STREAM CONNECTED 16768 
unix 3 [ ] STREAM CONNECTED 15931 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 15800 
unix 3 [ ] STREAM CONNECTED 18050 /run/systemd/journal/stdout 
unix 2 [ ] DGRAM 14810 
unix 3 [ ] DGRAM 14526 
unix 3 [ ] DGRAM 14528 
unix 3 [ ] DGRAM 133991 
unix 3 [ ] STREAM CONNECTED 16814 /var/run/dbus/system_bus_socket 
unix 3 [ ] STREAM CONNECTED 16811 /var/run/dbus/system_bus_socket 
unix 3 [ ] DGRAM 14819 
unix 3 [ ] DGRAM 14527 
unix 2 [ ] DGRAM 133966 
unix 3 [ ] DGRAM 12886 
unix 3 [ ] DGRAM 12885 
unix 3 [ ] DGRAM 14817 
unix 2 [ ] DGRAM 14522 
unix 3 [ ] STREAM CONNECTED 16812 /var/run/dbus/system_bus_socket 
unix 2 [ ] DGRAM 16802 
unix 3 [ ] STREAM CONNECTED 17880 
unix 3 [ ] STREAM CONNECTED 16809 
unix 3 [ ] STREAM CONNECTED 18049 
unix 3 [ ] STREAM CONNECTED 16810 
unix 3 [ ] STREAM CONNECTED 15799 
unix 3 [ ] STREAM CONNECTED 16815 /var/run/dbus/system_bus_socket 
unix 3 [ ] DGRAM 133992 
unix 3 [ ] STREAM CONNECTED 14392 
unix 3 [ ] STREAM CONNECTED 17140 /run/systemd/journal/stdout 
unix 2 [ ] DGRAM 15083 
unix 3 [ ] STREAM CONNECTED 14393 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 133964 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 17881 /var/run/dbus/system_bus_socket 
unix 3 [ ] STREAM CONNECTED 16775 
unix 3 [ ] STREAM CONNECTED 17138 
unix 3 [ ] STREAM CONNECTED 133945 
unix 3 [ ] DGRAM 14525 
unix 2 [ ] DGRAM 17907 
unix 2 [ ] DGRAM 133853 
unix 3 [ ] STREAM CONNECTED 15929 
unix 3 [ ] STREAM CONNECTED 18536 /var/run/dbus/system_bus_socket 
unix 3 [ ] STREAM CONNECTED 16247 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16246 
unix 3 [ ] DGRAM 11680 
unix 3 [ ] DGRAM 11679 
unix 3 [ ] STREAM CONNECTED 16168 
unix 3 [ ] STREAM CONNECTED 16169 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16406 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16813 /var/run/dbus/system_bus_socket 
unix 3 [ ] DGRAM 14314 
unix 3 [ ] STREAM CONNECTED 18535 
unix 3 [ ] STREAM CONNECTED 16404 
unix 3 [ ] DGRAM 14818 
unix 3 [ ] STREAM CONNECTED 15007 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 16728 
unix 2 [ ] DGRAM 12850 
unix 2 [ ] DGRAM 133953 
unix 3 [ ] STREAM CONNECTED 17455 
unix 3 [ ] STREAM CONNECTED 15005 
unix 3 [ ] STREAM CONNECTED 14720 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 12658 
unix 3 [ ] STREAM CONNECTED 13014 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 17460 /run/systemd/journal/stdout 
unix 3 [ ] STREAM CONNECTED 12543 
unix 3 [ ] STREAM CONNECTED 16727 
unix 3 [ ] STREAM CONNECTED 13016 /run/systemd/journal/stdout 
unix 2 [ ] DGRAM 16769 
unix 3 [ ] STREAM CONNECTED 16731 /run/systemd/journal/stdout 
unix 3 [ ] DGRAM 14315 
unix 3 [ ] STREAM CONNECTED 14718 
root@nsn-do-lamp:~# netstat --listening 
Active Internet connections (only servers) 
Proto Recv-Q Send-Q Local Address Foreign Address State 
tcp 0 0 localhost:domain 0.0.0.0:* LISTEN 
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 
tcp 0 0 localhost.lo:postgresql 0.0.0.0:* LISTEN 
tcp 0 0 localhost.localdo:mysql 0.0.0.0:* LISTEN 
tcp6 0 0 [::]:ssh [::]:* LISTEN 
tcp6 0 0 [::]:http [::]:* LISTEN 
udp 8448 0 localhost:domain 0.0.0.0:* 
raw6 0 0 [::]:ipv6-icmp [::]:* 7 
Active UNIX domain sockets (only servers) 
Proto RefCnt Flags Type State I-Node Path 
unix 2 [ ACC ] SEQPACKET LISTENING 11724 /run/udev/control 
unix 2 [ ACC ] STREAM LISTENING 133993 /run/user/0/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 133997 /run/user/0/gnupg/S.gpg-agent.extra 
unix 2 [ ACC ] STREAM LISTENING 133998 /run/user/0/gnupg/S.gpg-agent.ssh 
unix 2 [ ACC ] STREAM LISTENING 133999 /run/user/0/gnupg/S.dirmngr 
unix 2 [ ACC ] STREAM LISTENING 134000 /run/user/0/gnupg/S.gpg-agent.browser 
unix 2 [ ACC ] STREAM LISTENING 134001 /run/user/0/gnupg/S.gpg-agent 
unix 2 [ ACC ] STREAM LISTENING 11681 /run/systemd/private 
unix 2 [ ACC ] STREAM LISTENING 11686 /run/systemd/journal/stdout 
unix 2 [ ACC ] STREAM LISTENING 11722 /run/lvm/lvmetad.socket 
unix 2 [ ACC ] STREAM LISTENING 11762 /run/lvm/lvmpolld.socket 
unix 2 [ ACC ] STREAM LISTENING 18480 /var/run/postgresql/.s.PGSQL.5432 
unix 2 [ ACC ] STREAM LISTENING 18571 /var/run/mysqld/mysqld.sock 
unix 2 [ ACC ] STREAM LISTENING 15792 /var/lib/lxd/unix.socket 
unix 2 [ ACC ] STREAM LISTENING 15805 @ISCSIADM_ABSTRACT_NAMESPACE 
unix 2 [ ACC ] STREAM LISTENING 15797 /var/run/dbus/system_bus_socket 
unix 2 [ ACC ] STREAM LISTENING 15764 /run/snapd.socket 
unix 2 [ ACC ] STREAM LISTENING 15766 /run/snapd-snap.socket 
unix 2 [ ACC ] STREAM LISTENING 15785 /run/acpid.socket 
unix 2 [ ACC ] STREAM LISTENING 15817 /run/uuidd/request


Thanks!






ubuntu ssl-certificate digital-ocean




ubuntu ssl-certificate digital-ocean






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 9 at 7:12

























asked Nov 8 at 15:09









Ivan

28019




28019











  • Try sudo ufw status numbered to see what you already have. FWIW I don't do protocols with UFW or application names/profiles, I specify ports - ufw allow 443 or ufw allow 80
    – ivanivan
    Nov 8 at 15:12











  • Thank you for your feedback. Please look at MODIFIED BLOCK # 2
    – Ivan
    Nov 9 at 7:12
















  • Try sudo ufw status numbered to see what you already have. FWIW I don't do protocols with UFW or application names/profiles, I specify ports - ufw allow 443 or ufw allow 80
    – ivanivan
    Nov 8 at 15:12











  • Thank you for your feedback. Please look at MODIFIED BLOCK # 2
    – Ivan
    Nov 9 at 7:12















Try sudo ufw status numbered to see what you already have. FWIW I don't do protocols with UFW or application names/profiles, I specify ports - ufw allow 443 or ufw allow 80
– ivanivan
Nov 8 at 15:12





Try sudo ufw status numbered to see what you already have. FWIW I don't do protocols with UFW or application names/profiles, I specify ports - ufw allow 443 or ufw allow 80
– ivanivan
Nov 8 at 15:12













Thank you for your feedback. Please look at MODIFIED BLOCK # 2
– Ivan
Nov 9 at 7:12




Thank you for your feedback. Please look at MODIFIED BLOCK # 2
– Ivan
Nov 9 at 7:12

















active

oldest

votes











Your Answer






StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53210568%2fi-have-error-secure-apache-on-digital-ocean%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown






























active

oldest

votes













active

oldest

votes









active

oldest

votes






active

oldest

votes















 

draft saved


draft discarded















































 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53210568%2fi-have-error-secure-apache-on-digital-ocean%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

𛂒𛀶,𛀽𛀑𛂀𛃧𛂓𛀙𛃆𛃑𛃷𛂟𛁡𛀢𛀟𛁤𛂽𛁕𛁪𛂟𛂯,𛁞𛂧𛀴𛁄𛁠𛁼𛂿𛀤 𛂘,𛁺𛂾𛃭𛃭𛃵𛀺,𛂣𛃍𛂖𛃶 𛀸𛃀𛂖𛁶𛁏𛁚 𛂢𛂞 𛁰𛂆𛀔,𛁸𛀽𛁓𛃋𛂇𛃧𛀧𛃣𛂐𛃇,𛂂𛃻𛃲𛁬𛃞𛀧𛃃𛀅 𛂭𛁠𛁡𛃇𛀷𛃓𛁥,𛁙𛁘𛁞𛃸𛁸𛃣𛁜,𛂛,𛃿,𛁯𛂘𛂌𛃛𛁱𛃌𛂈𛂇 𛁊𛃲,𛀕𛃴𛀜 𛀶𛂆𛀶𛃟𛂉𛀣,𛂐𛁞𛁾 𛁷𛂑𛁳𛂯𛀬𛃅,𛃶𛁼

𛀝𛂎𛃩𛁂𛂯𛀋𛃈,𛁴,𛀡𛃕𛁀𛀆𛀝𛀊𛀚𛃍𛂯𛂸𛁞𛂪𛀈,𛂵,𛀞𛂢𛀯𛃂𛁱 𛃩𛂜𛃅 𛂧𛀧𛂦𛀑,𛃛𛃟,𛃍𛀔𛀣𛀶𛀪𛃱𛀓𛀅𛁱,𛂖 𛁷 𛁉𛂹𛀉𛀼 𛁎,𛃭 𛀣𛃫𛃯𛁸𛂸𛂰𛂣𛀯𛁩𛂂𛃓𛃿𛂽𛃤𛃢𛁂𛀺 𛂚𛀅𛃵𛁬𛃽𛃯𛂔𛃣𛃝𛂫 𛂖𛂾𛂈 𛂡𛁔𛀇𛁁𛃛𛃖 𛃜,𛁊𛂠𛀌𛁼𛃶𛃣𛃊𛀘𛂐𛃓𛃛𛁂𛂥𛃛𛂲,𛃄𛀗𛀪𛁘𛁉𛁫𛀲𛀕𛂍𛁓𛁏𛃿𛃔𛁼 𛀞𛀤 𛂏𛃚𛃎 𛃱𛀭𛀟𛂃𛀭𛀫𛃚 𛂻𛁄 𛃚𛂁 𛂀𛂈𛃒𛁼𛃏𛂣𛂔,𛁩𛂝,𛁎,𛂗,𛂧𛃁𛃷𛁜𛃭𛂙𛂣𛀱𛂢𛁔𛁥𛂘𛃏𛀇𛂅𛁗𛃅𛂷𛃬𛁹𛁭,𛀵𛁍,𛃂𛁣𛁡𛃉𛀳𛀜𛁢 𛀲 𛁐𛀊𛁷𛃃𛃔𛀃𛃄𛃙𛀩𛃖𛂮𛃷𛀚𛂚𛃜𛁘,𛁤𛁵𛀝𛂮𛁲𛃸𛂩𛂼𛂠,𛁖𛃸𛀯,𛁰𛁇𛃣,𛃨𛂦𛀫𛃁 𛂓𛃁𛃥𛃰𛁅𛂻𛂻 𛁃𛁺𛃤𛀏 𛃻𛃽 jKH8N2gXPW4,5NtI,zi C6C,8 LtJ9 h5T40,Y 29W,8IH3pJwKf Q32PJw73ZM7a 7,0EI,5Hu NBOF x,V,Zan l 51Vm,1,o6 zHC69UbfzB6dS62,fvHKgJsOHeC 7 u Z,5,b510gw756DJ0K3 NLBCejw,1s12o037 gLrqm,8JV5,0HH7y8,5n1W5 oN943 0,EdU7tbRJ74 8DXtjBp0,KnM,2S,8 V4Ph1H2 Yb6FxtA,M,3qXGu2094wS GvlV4l,HFrZ D76u3,kr9E,ij4jFFOb 49,dJKN,V Kv,V4,a8wm,d2U8 9,Nx,vO98,JX,uO3,Y,Y1ay74uomg,7Tt5XFU TKTZ28,0C7LbNuU FhgfO3,4n E,l MSI03CLgM9D,Abr E 7sR0J,6,07N A2u 7,6Q PpzEZ1wKZN YAd759p,31UtJ63dBF3p 0,EZL 4FjbJ l Qep zHs63,u2f6xSKS Vz2Q O,9zIlq0J 9PR
Read more

Edmonton

Image
Clash Royale CLAN TAG #URR8PPP This article is about the city in Canada. For other uses, see Edmonton (disambiguation). City in Alberta, Canada Edmonton City City of Edmonton From top left: Downtown Edmonton, Fort Edmonton Park, Legislature Building, Law Courts, Rogers Place, High Level Bridge, Muttart Conservatory Flag Coat of arms Logo Nickname(s):  Canada's Festival City, City of Champions, The Oil Capital of Canada more... [1] Motto(s):  Industry, Integrity, Progress Edmonton Location of Edmonton in Canada Show map of Canada Edmonton Edmonton (Alberta) Show map of Alberta Coordinates: 53°32′N 113°30′W  /  53.533°N 113.500°W  / 53.533; -113.500 Coordinates: 53°32′N 113°30′W  /  53.533°N 113.500°W  / 53.533; -113.500 Country Canada Province Alberta Region Edmonton Metropolitan Region Census division 11 Founded 1795 Incorporated [2] [3]    • Town January 9, 1892  • City October 8, 1904 Amalgamated [2] February 12, 1912 Named for Edmonton, London Government  • Mayor Don I
Read more

Crossroads (UK TV series)

Image
[dummy-text] Crossroads (UK TV series) From Wikipedia, the free encyclopedia Jump to navigation Jump to search For other uses, see Crossroads (disambiguation). "Crossroads Motel" redirects here. For the album by the Sonny Moorman Group, see Crossroads Motel (album). Crossroads 2003 title sequence Created by Hazel Adair Peter Ling Written by Michala Crees Ivor Jay Rosalie Grayson Raymond Bowers David Garfield Edward F. Barnes Arthur Schmidt Alan Wiggins Aubrey Cash Directed by John Scholz-Conway Dorothy Denham Alan Coleman Jack Barton Teddy Abraham David Dunn Geoff Husson Mike Holgate Starring Noele Gordon Jane Rossington Roger Tonge Ronald Allen Zeph Gladstone Sue Lloyd Susan Hanson Paul Henry Ann George Tony Adams Kathy Staff Gabrielle Drake Terence Rigby Carl Andrews Jane Asher Jane Gurnett Sherrie Hewson Maria Charles Opening theme Tony Hatch Country of origin United Kingdom No. of episodes Original Series: 4510
Read more