Overview
I am trying to set up an Apache webserver on a Windows 11 machine running Windows Subsystem for Linux (WSL) on my home computer. Using the IP address returned for eth0 by ip a in a WSL shell, say 172.26.xx.xx, I can access my simple web page from the same computer. However, I cannot access the page from another computer in the same network.
Details
My ports.conf file, located at /etc/apache2, contains the following, in addition to a few comments:
Listen 80
<IfModule ssl_module>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
Stripped of comments, my apache2.conf file, located at /etc/apache2, contains
DefaultRuntimeDir ${APACHE_RUN_DIR}
PidFile ${APACHE_PID_FILE}
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
HostnameLookups Off
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
Include ports.conf
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
AccessFileName .htaccess
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
IncludeOptional conf-enabled/*.conf
IncludeOptional sites-enabled/*.conf
My 000-default.conf file, located at /etc/apache2/sites-available, contains
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
ServerAdmin [email protected]
DocumentRoot /var/www/html
<Directory /var/www/html>
AllowOverride All
Options All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
For what it’s worth, I do have a registered domain which I use instead of example.com above. (Because I am behind a home router without a static IP address, I used ddclient to set up a dynamic DNS with my provider. This seems to be working, insofar as the same IP address is shown for my network by https://whatismyipaddress.com/ and in the automatically populated field in the management page of my DNS registrar. However, unless I completely misunderstand things, this is irrelevant, because I cannot access my page from another computer even within the same network.)
What I have tried
Honestly, not much. The configuration of the Apache server seemed to me pretty straightforward, and for connections from the same computer it ran right away. The only things I could think of were
Port forwarding issues.
Running sudo ufw status verbose on the WSL shell returns
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip
To                             Action      From
--                             ------      ----
22/tcp                         ALLOW IN    Anywhere
80/tcp                         ALLOW IN    Anywhere
443                            ALLOW IN    Anywhere
80,443/tcp (Apache Full)       ALLOW IN    Anywhere
22/tcp (v6)                    ALLOW IN    Anywhere (v6)
80/tcp (v6)                    ALLOW IN    Anywhere (v6)
443 (v6)                       ALLOW IN    Anywhere (v6)
80,443/tcp (Apache Full (v6))  ALLOW IN    Anywhere (v6)
which looks fine to me. Following instructions from here, I ran netsh interface portproxy to map ports 80 and 443 on the Windows computer to ports 80 and 443 on WSL. The key commands in the script are
netsh interface portproxy delete v4tov4 listenport=$port listenaddress=$addr
and
netsh interface portproxy add v4tov4 listenport=$port listenaddress=$addr connectport=$port connectaddress=$remoteport
with $remoteport matching the IP address 172.26.xx.xx returned by ip a and $addr left as 0.0.0.0.
I have also created an inbound rule in Windows Defender Firewall, following the instructions at https://www.nextofwindows.com/allow-server-running-inside-wsl-to-be-accessible-outside-windows-10-host, but I believe those are superseded in WSL2 by the instructions above. Both of these potential solutions have been discussed at Access a web server which is running on WSL (Windows Subsystem for Linux) from the local network, but neither one nor any other suggestion in the question worked for me.
I don’t know whether this port forwarding was truly necessary, or how to diagnose whether it did what it was supposed to do. In any case, I ran netstat -aobn | findstr :80 in a privileged PowerShell session from Windows, which returned
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 5720
TCP 10.0.0.229:56431 10.0.0.249:8009 ESTABLISHED 11868
TCP 10.5.0.2:54444 192.229.211.108:80 CLOSE_WAIT 22772
TCP [::1]:80 [::]:0 LISTENING 9280
as well as Get-NetTCPConnection | where localport -eq 80, which returned, edited for compactness,
LocalAddress LocalPort RemoteAddress RemotePort State AppliedSetting OwningProcess
------------ --------- ------------- ---------- ----- -------------- -------------
::1 80 :: 0 Listen 9280
0.0.0.0 80 0.0.0.0 0 Listen 5720
Does anyone see anything interesting there?
Investigating logs.
In /var/logs/apache2/error.log there are many groups just like
[Sun Oct 15 18:37:05.433219 2023] [mpm_event:notice] [pid 19762:tid 139729704814464] AH00493: SIGUSR1 received. Doing graceful restart
[Sun Oct 15 18:37:05.441983 2023] [mpm_event:notice] [pid 19762:tid 139729704814464] AH00489: Apache/2.4.52 (Ubuntu) configured -- resuming normal operations
[Sun Oct 15 18:37:05.441995 2023] [core:notice] [pid 19762:tid 139729704814464] AH00094: Command line: '/usr/sbin/apache2'
and nothing else, but these match the many times in which I ran sudo a2dissite 000-default.conf, sudo systemctl reload apache2, sudo a2ensite 000-default.conf, and sudo systemctl reload apache2 in this order after a change.
Here are other configuration parameters, in the unlikely case it matters:
- Desktop running Windows 11 version 23H2 build 25967.1010.
- WSL version 2.0.3.0
- Ubuntu 22.04.03, kernel version 5.15.123.1-microsoft-standard-WSL2
- Apache Apache/2.4.52 (Ubuntu)
My question is how I diagnose the problem, as this is a learning experience for me, but a straight up solution is welcome too, of course.
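A layer-by-layer check of the forwarding path described in the question, as an added example that is not part of the original post. It assumes WSL2's default NAT networking, Apache running in the default WSL distribution, and an elevated PowerShell session on the Windows host; the way `$lanIp` is picked is also an assumption and may need adjusting on a machine with a VPN adapter.

```powershell
# Added diagnostic sketch, not from the original post. Run elevated on the
# Windows host. Assumes default WSL2 NAT networking and the default distro.
$port = 80

# 1. Current WSL address. Under NAT networking it can change when WSL restarts,
#    which leaves an older portproxy rule pointing at an unused address.
$wslIp = (wsl hostname -I).Trim().Split(' ')[0]
"WSL address now: $wslIp"

# 2. Portproxy rules: the connect address for $port should equal $wslIp.
$rules = netsh interface portproxy show v4tov4
$rules
if (-not ($rules | Select-String -Pattern $wslIp -SimpleMatch)) {
    Write-Warning "No portproxy rule targets $wslIp; delete and re-add the rule."
}

# 3. Who owns the host listener? portproxy is served by the IP Helper service
#    (iphlpsvc), so its listener belongs to the svchost.exe hosting that service.
$iphlpPid = (Get-CimInstance Win32_Service -Filter "Name='iphlpsvc'").ProcessId
Get-NetTCPConnection -LocalPort $port -State Listen |
    Select-Object LocalAddress, OwningProcess,
        @{n='Process';e={(Get-Process -Id $_.OwningProcess).ProcessName}},
        @{n='IsPortProxy';e={$_.OwningProcess -eq $iphlpPid}}

# 4. Firewall: an enabled inbound Allow rule must cover $port on the profile
#    (Private/Public/Domain) that the LAN adapter is actually using.
Get-NetConnectionProfile | Select-Object InterfaceAlias, NetworkCategory
Get-NetFirewallPortFilter -Protocol TCP |
    Where-Object { $_.LocalPort -contains "$port" } |
    Get-NetFirewallRule |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Enabled -eq 'True' } |
    Select-Object DisplayName, Action, Profile

# 5. Test through the proxy using the host's own LAN address (not localhost
#    and not the WSL address). Assumption: the first adapter with an IPv4
#    default gateway is the LAN adapter.
$lanIp = (Get-NetIPConfiguration | Where-Object IPv4DefaultGateway |
    Select-Object -First 1).IPv4Address.IPAddress
Test-NetConnection -ComputerName $lanIp -Port $port |
    Select-Object ComputerName, RemotePort, TcpTestSucceeded
```

Step 5 run on the host itself does not exercise the inbound firewall rule, so repeat the same `Test-NetConnection` call from a second machine on the LAN; a success locally and a failure remotely points at step 4.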
2 Answers
My original issue may have been related to running the server in WSL. The evidence for that is that I do not have problems when running a server on a dedicated Linux machine. I have given up on my original approach and followed this new approach instead.
I’ve wasted all day setting things up in WSL Ubuntu and I will now go back to Linux proper. No more WSL for me!