Can't open port 5000

For one of my websites to work it is required to open port 5000. To make this happen, I have opened the port from the Webmin Firewalld by adding port 5000 tcp.

But when I check on the port checker website by putting my server IP and port 5000, it shows the port is closed/blocked.

I am new to Webmin and recently migrated from another panel. I had no issue with opening a port from my previous panel (Cyberpanel). I am using same OS, same VPS server, just the webpanel is changed which is Webmin/virtualmin now.

Anyway, I am stuck for this issue since a week. Here are some screenshots for reference.

OS type and version Ubuntu 22.04
Webmin version 2.111

Does your VPS provider have a firewall also? Have you checked to make sure the service is listening on port 5000?

netstat -ap |grep 5000

From a an outside box
traceroute -p 5000 yourdomain.tld

My VPS provider don’t have any firewall at their end.

As I have already mentioned at the original post- Its the same VPS, just a fresh installation of Ubuntu with Webmin.

Previously it was all fine with the port 5000 or any other port I need to open, when I was using Cyberpanel.

I know this is simplistic, but, we need to confirm all steps. We seem to get burned by this all the time. :frowning:

After a rule is created, it must be applied;

From a terminal:
firewall-cmd --list-ports

Again, we need to know the service is actually running and listening on the port so from the terminal:
netstat -ap |grep 5000

Yes I forget to mention that I have “applied” rules that I added multiple times… Also restarted firewalld service, restarted the VPS several times.

It doesn’t look like anything is running on port 5000.

2000 is the port for Usermin, you should see something like this. (note the -ap flag is all and program) :

root@main:~# netstat -ap |grep 20000
tcp        0      0 *               LISTEN      2493307/perl        
udp        0      0 *                           2493307/perl

I guess we should make sure port 5000 isn’t assigned in /etc/services on your computer:

grep 5000 /etc/services

It doesn’t look like anything is running on port 5000.

I have a python library which needs the port 5000 to be opened, in order to work/call the library via API from a frontend website (For example the API address will be- http://myserver-ip:5000/base)

I guess we should make sure port 5000 isn’t assigned in /etc/services on your computer:

The firewall can allow access to port 5000, but if there is nothing listening, then nothing happens.

https://mydomain.tld:20000 will open a page for usermin

which is listening on port 2000:
root@main:~# netstat -ap |grep 20000
tcp 0 0* LISTEN 2493307/perl
udp 0 0* 2493307/perl

When you did netstat -ap |grep 5000 you showed nothing on that port. It looks to me as though you don’t have the web app working correctly for some reason. But, that’s as far as I can help. I’m more a network guy that had to learn some server.

I have installed the Webapp correctly (in this case its my custom Python library) on my VPS.

The thing is- http://server-ip:5000 showing nothing (can’t be reached)… Whereas, it shall show the Gradio web UI which is coded in that library.

Anyway, thanks for your endeavor. I think I have to move back to previous webpanel.

Also, I must mention that Webmin definitely has some issue with FirewallD.
Here is one more thing.
I am not using port 22 for SSH… I did set 49999 as my SSH port and its working fine. But as you can see on the first Picture of my original post, webmin showing a rule for ssh port 22.

Now, when I check the port 22 from a port checker website it shows the port is blocked. But firewallD still has the rule.

No. The rule is a default. Just because you change the port and open a new one, it doesn’t auto-magically remove the old one. The underlying software has no way of knowing if you will still be using it. I have the same setup on my server. I changed the port sshd listens on but left the old default rule.

ssh: connect to host port 22: Network is unreachable

If you find a client that says it is blocked, well, it has no real way of knowing why the connection failed in some cases. Assuming all refusals are firewall blocks is incorrect.

1 Like

Okay, SSH is not the issue here. The first thing I see if the 22 is blocked on a fresh installation. After that only I proceed further.

Anyway, port 5000 is still magically closed.

Its from the terminal after I run my python application service.

I can pretty much assure you that the firewall isn’t blocking anything “localhost” by default.

I kinda, sorta think I remember CSF had some masquerading quirk that would break server connectivity. I don’t think firewalld does this so I won’t suggest you simply turn it off to test unless your provider has remote terminal access for cases like this.

Also, what you posted looks strange. It is trying to connect before it is started?

It says it is trying to connect to the port it eventually says it is running on?

Open Terminal in Webmin

use the following command to open port 5000

firewall-cmd --permanent --add-port=5000/tcp

Apply the changes by reloading the firewalld

firewall-cmd --reload

list the rules

firewall-cmd --list-all

Hope this helps…

Edited to add the following info:

Check to make sure you do not have ubuntu firewall ufw running. I know from experience that sometimes it will get installed during the OS installation.

ufw status

If it comes back that it installed an running than you will need to uninstall it.

1 Like

It worked :grinning:. Now my App is accessible at http://server-ip:5000.

Many Many thanks for your valuable time.

What specifically worked? It would be helpful to know for future reference.

I think this is an XY problem.

You probably ought to proxy to your web applications on a local port rather than pointing users to weird ports. That’s generally how folks handle this.

We recently had someone with the same problem (they wanted port 8000, but it’s the wrong solution in either case). I’m sure your application server documentation covers proxying through Apache or nginx, because that’s how you should deploy web apps for production. No access to https through a new port - #39 by Joe

1 Like

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.