ISP Blocking port 80/443 - How to go about putting Nextcloud behind proxy?

Fredrik_Burmester · April 13, 2018, 12:55pm

Hi all!

My ISP seems to be blocking ports 80/443 since I cannot reach my Nextcloud server through those ports, but I am able to when changing the ports to 880/8443. How do I go about setting up HTTPS on my server with letsencrypt? (or some other relatively simple solution).

Any advice is appreciated!
Thank you!

jakobssystems · April 13, 2018, 12:58pm

Hard to believe that your ISP is blocking 80/443. Sure that nothing on your side is doing this? AV-Snakeoil, Browser-Plugins etc. perhaps another or a misconfigured Webserver, Firewall, Reverse Proxy? Could be everything!

To answer your question: No Lets Encrypt works only with 80/443

Fredrik_Burmester · April 13, 2018, 1:00pm

I had port forwarding for another web server before but I’ve changed those to the IP of the new server, I’m 100% sure. I have nextcloud installed on Ubuntu Server via snap if that helps. And no AV-Snakeoil, Browser-Plugins etc. And according to this documentation letsencrypt will work with a proxy: https://github.com/nextcloud/nextcloud-snap

" Note: Let’s Encrypt will expect that Nextcloud is exposed on ports 80 and 443. If you change ports and don’t put Nextcloud behind a proxy such that ports 80 and 443 are sent to Nextcloud for that domain name, Let’s Encrypt will be unable to verify ownership of your domain and will not grant certificates."

timmersr · April 13, 2018, 6:51pm

Regarding your ISP blocking ports 80 and 443; I expect that you have the router/modem settings to accept remote management on 80 and 443. This will overrule your NAT / port forwarding settings.

Apart from this issue, you can always use Let’s Encrypt DNS TXT-record verification which isn’t limited by port numbers.

Fredrik_Burmester · April 13, 2018, 8:03pm

How do i disable this? Thank you!

Update: Remote management seems to be turned off.

Fredrik_Burmester · April 14, 2018, 8:44am

I checked nmap and got this result

 PORT     STATE         SERVICE
 22/tcp   open          ssh
 80/tcp   open          http
 68/udp   open|filtered dhcpc
 5353/udp open|filtered zeroconf

I clearly port forwarded port 80. Why doesn’t it work?

But i noticed that port 22 is open. But i actually removed that forward some time ago? Either my port forwarding doesn’t work or something else?

I can access my ddns domain on port 80 from my LAN but not from any other network.

Does this help?