How to change port from 8080 to 80 for SSL Cirtifcate
Hi, I wanted to renew my ssl certificate and got this error" Problem binding to port 80: Could not bind to IPv4 or IPv6. I found out that my port is 8080 and wanted to change to 80 here's what I did:
- run sudo nano /etc/apache2/ports.conf added the listen 80 and
went to the - sudo nano /etc/apache2/sites-available/thewebsite.com.conf file and change the VirtualHost *:8080 to 80, 3. restarted apache
and got this error. error: maximum authentication attempts exceeded for root from Ip port 24208 ssh2 [preauth] Aug 30 11:45:19 fparadoxes sshd[27403]: Disconnecting authenticating user root ip port 24208: Too many authentication failures [preauth]
I also tried to renew the cr with --apache plugin instead of --standalone with no luck.
I ran ufw reports and found these errors. I don't know if it's related or not:
WARN: Duplicate profile 'Apache', using last found
WARN: Duplicate profile 'Apache Secure', using last found
What Im i doing wrong?
3 Replies
error: maximum authentication attempts exceeded for root from Ip port 24208 ssh2 [preauth] Aug 30 11:45:19 fparadoxes sshd[27403]: Disconnecting authenticating user root ip port 24208: Too many authentication failures [preauth]
This error has come from the SSH service, not Apache. It is indicative of a brute force password attack on your root user.
Problem binding to port 80: Could not bind to IPv4 or IPv6
This error suggests that there is already another service listening on port 80.
Did you get this error from Certbot? If so, Apache would already likely be listening on port 80. It is best to use the Apache plugin; what issues did you have with this?
jtoscani
Linode Staff
First and foremost, with regards to those error messages in point 2 (and as mentioned by @andysh), it looks as though your server is undergoing a brute force attack at the moment. This is a problematic security issue, so our first recommendation would be to secure your server by hardening SSH access and consider implementing a service such as Fail2Ban.
Moving onto your SSL renewals: For the —standalone plugin, I would try turning off your Apache service first, so that nothing is listening on port 80. You can start it back up once you’ve successfully updated your certificate:
- Ubuntu and Apache:
sudo systemctl stop apache2 - CentOS 7 and Apache:
sudo systemctl stop httpd
If utilizing the —apache plugin, make sure you’re using a compatible image. From this Certbot user guide:
The Apache plugin currently supports modern OSes based on Debian, Fedora, SUSE, Gentoo and Darwin.
Now my apache is running bc iused a backup.
I have discovered the the two apache profiles are :
VirtualHost configuration: *:443 (/etc/apache2/sites-enabled/example.com-le-ssl.conf:2)
*:8080 (/etc/apache2/sites-enabled/example.com.conf:7)
now when i tried to add the 80 port to both of the apache one at a time, it indicated error, can you advice what should I do to renew without any errors. thanks
@jtoscani @andysh i stoped apache before renewing and i got an error and tried --apache plugin with no luck. I used a delete/ backup nearly 9 times in two days.