I have a client who needs to block IP range on a windows server. However, he is using Cloud hosting from Rackspace. I guess they are not being corporative in doing so. Anyway to do this without root? Perhaps from the control panel?
I have a website on a linux-server working fine with PHP/Apache. The page loads a lot of css/js/image-stuff (total 84 requests, 220k), it takes about 4 secs to load via internet.
Now I'm testing the same page locally on a Win7-64-system (Apache 2.2, PHP 5.4). The system is not very slow (8 GB RAM, SSD, i7-CPU), but loading the same page as above takes about 50 secs.
The Q is: What might be the problem?
- I turned off firewall and anti-virus.
- I used mod_status: 150 threads, max. 11 seems to be used during the loading of the page.
- I tried php5apache2_2.dll with TS-PHP 5.4 and mod_fcgid.so with NTS-PHP 5.4, but the loading-time kept almost the same.
Looking at the "network-tab" in FF or Chrome, I found that a lot of subqueries get a timing like this:
Blocking: 11.96 s Sending: 0 Waiting: 1 ms Receiving: 6ms
So the loss of time seem to be in the "blocking"-section. I first thought of something like "limited number of TCP-Connections", but as said above, on the same system the page is remotly loaded fast enough almost without these "blocking"-parts.
I am having some problems with the inbound smtp sockets, we are receiving a constant attack from spammers, and they are taking all the sockets we have open for our users. We have enable SPF, greylisting, inbound control access through authentication, relay access with authentication also. but after some weeks we are on the same situation yet. We have spam assasin also installed as power pack from plesk, and we have add DSN black list from b.barracudacentral.org, bl.mailspike.net and bl.spamcop.net but we still suffer from this problem.
We have also try to increase the socket assigned to 200 and after some minutes they used all again and the CPU change increase up to 25% of the total capacity.
The problem is a bug in one domain (the principal) for which a backup job unfinished blocking the domain. Unable to unlock the domain and indicated (in version 10.4.4) I had a backup job unfinished. Restarting the server did not solve anything.
We upgraded to plesk 11 and this is the error that now comes in all requests for backup, to click on "Admin Backup":
Failed to parse response. Reason: XML error at line 1 column 1. Error message: Not well-formed (invalid token) Process output: The system cannot find the file specified. (Error code 2) at Unable to connect to pipe .pipepsapipe ---------------------- Debug Info ------------------------------- 0: PMMConnector.php:642 PMMConnector->getResponse(object of type StreamXMLReader) 1: PMMConnector.php:74
I set up a forum for a small group of users, so I don't really wish to see spiders or bots on it, so I've put a robots.txt file there to prevent all of them from accessing the forum pages.
I know not all bots follow the robots.txt rule, and these days a really annoying bot called MUNAXNET or Munax AB with IP range 188.8.131.52 - 184.108.40.206 is causing the forum to have extra and unexpected loads.
I've tried to block this IP range with .htaccess and uploaded it to the root of the site a few days ago, here is the content:
<Limit GET HEAD POST> order allow,deny deny from 220.127.116.11-18.104.22.168 allow from all </LIMIT> However strangely it seems that all of these are not working for this bot, today I saw my forum had 80 users online and that army still keeps coming and browsing all pages of my forums...
I tested the .htaccess with blocking myself, and it actually worked for me, dunno why it's not working for that bot..
I need to ban IP range and I inserted say ip 22.214.171.124 in the deny_hosts rules, this should ban range from 12.44 but strange is people from that range still be able to access my site, any idea what went wrong?
I am getting my quote back Tuesday but need a little bargaining power with these guys...
Oakland, Ca datacenter
40mbps, 20A, 42U rack.
What should I be looking at price range here, how much per mbps?
Only info I've seen is from 2003 where people were saying $200/mbps. Obviously prices have come WAY down. I've seen people on here reselling internap bandwidth for $12/mbps, but they might have bought a huge commit.
we have 3 server with Liquidweb that have problem to "resolve" a server locate in Italy
Email sent from server with LW to Italy server is not sent and stay in queue.
We try to force delivery and error is:
Message 1Je39R-0000wk-3N is not frozen LOG: MAIN cwd=/usr/local/cpanel/whostmgr/docroot 4 args: /usr/sbin/exim -v -M 1Je39R-0000wk-3N delivering 1Je39R-0000wk-3N Connecting to italyserver.com [**.**.**.**]:25 ... failed: Connection timed out (timeout=5m) LOG: MAIN italyserver.com [**.**.**.**]:25 Connection timed out LOG: MAIN == firstname.lastname@example.org R=lookuphost T=remote_smtp defer (110): Connection == timed out
We have check, there aren't problem with port and firewall All seesm ok, for all server We have try to restart exim, reboot, .. Emails don't start from 3 server LW to 1 in Italy
We have try to ping from server LW the Italian server and the problem is the same, found IP but 100% packet lost.. If we ping from 3 server LW a IP of server that is "over" the server IT is all ok
The problem seems only with single IP
So, we have try to send from server in Italy to 1 of 3 server under LW.. same problem
------ Message 1JeSBO-0003CD-HO is not frozen LOG: MAIN cwd=/usr/local/cpanel/whostmgr/docroot 4 args: /usr/sbin/exim -v -M 1JeSBO-0003CD-HO delivering 1JeSBO-0003CD-HO Connecting to mail.serverlw.it [**.**.***.**]:25 ... failed: Connection timed out (timeout=5m) LOG: MAIN mail.serverlw.it [**.**.***.**] Connection timed out LOG: MAIN == email@example.com R=lookuphost T=remote_smtp defer (110): == Connection timed out ------
LW support not have suggest solutions and also Italian support not have idea of problem solution
Some of our client emails are being blocked and it appears that the whole GNAX range of more than 103680 IP addresses was blocked.
As you should know now: It is not you, it is your complete provider which got UCEPROTECT-Level 3 listed.
Your IP xxx.xxx.xxx.xxx was NOT part of a spamrun, but you are the one that has freely chosen your provider.
By tolerating or ignoring that your provider doesn't care about spammers you are indirectly also supporting the global spam with your money. Seen from this point of view, you really shouldn't wonder about the consequences.
What I want to know is how often do it happens that a datacenter have all it's IP addresses being blocked?
I contacted Gnax about this but their response was merely that they will take steps and the whole range will eventually be delisted. (Obviously the immediate removal fee of $200 something is too much for them)
Ironically merely a few hours AFTER I contacted them I got a "warning" about spam send from one of our clients.
The date of the email was a few weeks AGO and We already long ago warned our LEGIMATE client that such emails are not allowed and the account will be terminated if it happens again. (In other words WE immediately acted against potential spam while Gnax not and then have the nerve to warn US after WE informed them of the blacklisting)
On the one hand I understand that it can be difficult for a very large provider and uceprotect.net seems a bit harse to block ALL IP addresses due to 0.238 % spam ip addresses.
This came as a surprise today, I setup a server-based RSS reader and could not get WHT's forum RSS feeds. A little digging revealed it was the default APF installation that was blocking the 126.96.36.199/8 range, which includes WHT and a chunk of Softlayer's ip range.
The quick fix is easy, just remove that range from the /etc/apf/internals/reserved.networks file and restart, in the latest apf version, I don't know how many apf versions back this block goes.
The APF folks do a fantastic job in keeping APF up to date, but this seems to be recent update to this particular ip range that hasn't made it into APF yet.
I want to stop users from country X from accessing my website, I know I can ban people's IPs but I dont know if it is possible to ban certain geographical area and if so, I haven't got a clue about how to do it.
I've read that all ethernet switches in a MST Region need the same Name, Revision number, and list of member vlans for each Instance. So what happens when you need to change the range of VLANs in a MSTI ? Let's say that you need to add a range of vlans to an instance that spans 20 switches? How would you do that?
I've been trying to install a new WHM/cpanel in a clean machine with RAID 1 and in the middle in the install (its a long process as u may know well) throws me some strange messages like this
Apache restart failed. Unable to load pid from pid file and no httpd process found in process list.
If apache restart reported success but it failed soon after, it may be caused by oddities with mod_ssl.
You should run /scripts/ssl_crt_status as part of your troubleshooting process. Pass it --help for more details.
Also be sure to examine apache's variouse log files.
============================================================================= Package Arch Version Repository Size ============================================================================= Installing: compat-db i386 4.2.52-5.1 base 1.7 M db4-devel i386 4.3.29-9.fc6 base 2.0 M openssl-devel i386 0.9.8b-8.3.el5_0.2 base 1.8 M pam-devel i386 0.99.6.2-3.26.el5 base 188 k rpm-build i386 4.4.2-47.el5 base 551 k zlib-devel i386 1.2.3-3 base 101 k Installing for dependencies: e2fsprogs-devel i386 1.39-10.el5_1.1 updates 563 k elfutils i386 0.125-3.el5 base 163 k elfutils-libs i386 0.125-3.el5 base 105 k keyutils-libs-devel i386 1.2-1.el5 base 27 k krb5-devel i386 1.6.1-17.el5_1.1 updates 1.9 M libselinux-devel i386 1.33.4-4.el5 base 131 k libsepol-devel i386 1.15.2-1.el5 base 189 k
Total download size: 9.3 M Downloading Packages: http://mirror.steadfast.net/centos/5..._0.2.i386.rpm: [Errno -1] Package does not match intended download Trying other mirror. http://mirrors.rit.edu/centos/5.1/os..._0.2.i386.rpm: [Errno 9] Requested Range Not Satisfiable Trying other mirror. http://yum.singlehop.com/CentOS/5.1/..._0.2.i386.rpm: [Errno 9] Requested Range Not Satisfiable Trying other mirror. http://centos-distro.cavecreek.net/c..._0.2.i386.rpm: [Errno 9] Requested Range Not Satisfiable Trying other mirror. http://ftp.osuosl.org/pub/centos/5.1..._0.2.i386.rpm: [Errno 9] Requested Range Not Satisfiable Trying other mirror. http://mirror.trouble-free.net/cento..._0.2.i386.rpm: [Errno 9] Requested Range Not Satisfiable Trying other mirror. http://mirrors.unbornmedia.com/cento..._0.2.i386.rpm: [Errno 9] Requested Range Not Satisfiable Trying other mirror. http://pubmirrors.reflected.net/cent..._0.2.i386.rpm: [Errno 9] Requested Range Not Satisfiable Trying other mirror. http://mirrors.bluehost.com/centos/5..._0.2.i386.rpm: [Errno 9] Requested Range Not Satisfiable Trying other mirror. http://ftp.usf.edu/pub/centos/5.1/os..._0.2.i386.rpm: [Errno 9] Requested Range Not Satisfiable Trying other mirror.
Error Downloading Packages: openssl-devel - 0.9.8b-8.3.el5_0.2.i386: failure: CentOS/openssl-devel-0.9.8b-8.3.el5_0.2.i386.rpm from base: [Errno 256] No more mirrors to try.
this one is because it cant find the mirrors!
Well there are some other errors, but those worry me the most. i've done the install as appears in the cpanel website, dunno why i get these errors. Any suggestion is appreciated.
btw, its a centos 5.1 install with no GUI and no extras installed.
Is there some way to trigger a script or send an email if someone from a specified IP or IP range (e.g. 125.125.125.%) accesses an account, or any URL on the server? Perhaps by placing something within .htaccess or httpd.conf or something of that nature.
For instance, an email "$IP is visiting the URI $REQUEST_URI" would be sent, or a PHP script that sends the email would be triggered (though in that case, I'd need some way to tell the script the IP and URI).
And in a related matter, is there any way (perhaps some existing software) to filter the access logs of an account to find all requests by a certain IP address?
Come across this a few times now, when I come to issue a new VPS find that a IP address is on a spam list from a previous owner of the IP range, even came across and IP block we got issued with a few null-routed IPs!
Has anyone, or hosting providers come across this? Where datacenter issue IPs with problems? On spam lists or worse . . .