I have an HTTP server (IIS 10) running on port 80. I'm forwarding port 80 on the router to my HTTP server's machine. I've been running the server across the Internet just fine until yesterday when I noticed that I can no longer connect. I can only connect locally (127.0.0.1).
Things I've tried in no particular order:
Things that have changed since last known to work:
Solved! Go to Solution.
Port 80 is showing as "filtered" by IPFingerPrints. The only thing I can think of is that Comcast/Xfinity has recently blocked port 80 to my Public IP. If true, I am going to be so angry. I spent too much time troubleshooting.
I just checked. Nope, inbound port 80 isn't blocked if you deliberately open it. Sure that's a good idea though? From somewhere else on the weberverse:
# nmap [external IP address] -Pn -p 80
PORT STATE SERVICE
80/tcp open http
You will never find a more wretched hive of swine and villeny as the comcast network......
I think much better questions are why would you do this with a windows box, and why port 80 anyway? If you're really going to do this, you also want packet filtering and remote attack mitigation for two reasons.
1. You're now a remote exploit target and should expect the worst.
2. Since you're a remote expolit target, you're going to pick up a whole lot of traffic once a portscan bot hits, and it's going to drive up your data usage, perhaps over the 1TB cap depending on how weak your setup is.
If the goal is to just be able to get content from a box on the inside of your network, there are other ways to do this. Depends on what problem you are trying to solve as to what that solution should be.
^ Very reasonable advice.
My problem: I ran netstat -a and found that 127.0.0.1 was the only listed IP listening on port 80. I ran netsh http delete iplisten ipaddress=127.0.0.1 which resulted in 0.0.0.0 listening on port 80, and now it's working again. I wish I knew what made the changes to my machine. That was really frustrating.