Allow Web Console through Cloud Server Firewall after Firewall is installed
Problem - If a Firewall is installed and enabled on the Cloud Server without allowing port 31297, the Web Console will be blocked and stop working.
If the instructions in our FAQ on Starting A Cloud Server Firewall Without Blocking The Web Console were not followed closely, the Web Console can easily end up blocked on a Cloud Server. If this happens, you can use these solutions to unblock the Web Console and regain access to your server.
Solution 1 - Direct SSH with a Terminal
If port 22 is not blocked on your network, you can use a terminal program to connect to the server with a direct ssh connection and add the correct port to the firewall. See our Introduction to Linux Academy course for details on how to connect via SSH directly. Be sure to use the current user password and not the default 123456. Once connected, log into the root account and run the appropriate command for your server:
CentOS 7 or Red Hat 7 with Firewalld:
firewall-cmd --add-port 31297/tcp --permanent && firewall-cmd --reload
Ubuntu with UFW:
ufw allow 31297
Solution 2 - Use another Server's Web Console
As part of the subscription with Linux Academy, we grant 6 slots for Cloud Servers. This means you have extra in case you get locked out of one! You can use one of these extra slots to help open up the firewall on your locked Cloud Server. To do this, start the server as you normally would, then use ssh to connect to the blocked server. You can then run the steps in Solution 1 above to open the port on the firewall.
In the example below, Server 3 is blocked and we are using Server 1 to unlock it. Both servers are CentOS 7 in this example, although we could use any distribution that supports the Web Console in place of Server 1.
First, note that the last command ran on Server 3 is to start the firewall service. The console is now locked and we cannot enter any new commands. If we refresh, the Web Console will show the loading page for the server and will not connect.
To correct this, start a new server in Slot 1 while logged into the Web Console, then used ssh to connect to server 3 and add the appropriate port. Make sure to use the updated password for server 3 and do not try to use the default 123456 password (this is what caused the Permission denied message in the image below).
After completing this, we can refresh the web console on server 3 and see that we can connect again.
If neither of the above solutions work, please submit a ticket and our support team will take a look. We cannot guarantee that we will be able to restore access to your server, but we are happy to help if we can!
Here are a few related FAQ articles that may be able to answer your questions as well: