I was wondering if it is possible to block traffic to and from a server with iptables.
Like for example a user transferring files with his ftp client to another server x.x.x.x (FXP)....
been trying with these rules here:
iptables -IINPUT -s x.x.x.x -j DROP
iptables -I OUTPUT -s x.x.x.x -j DROP
iptables -I FORWARD -s x.x.x.x -j DROP
But still the user can transfer to the server destination...
as per apf firewall issue
Jul 17 02:03:02 duck kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:01:02:c9:94:20:00:90:69:8a:f3:f0:08:00 SRC=192.168.1.43 DST=192.168.1.220 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=40428 DF PROTO=TCP SPT=37079 DPT=3306 WINDOW=5840 RES=0x00 SYN URGP=0
i already added 192.168.1.43 ip in allow list.
tcp:in : d=3306 : s=192.168.1.43
d=3306 : s =192.168.1.43
tcp: out : d=3306 : s =192.168.1.43
# added 192.168.1.43 on 07/19/07 01:15:21
192.168.1.43
But ip is still blocking traffic while monitor mysql....
I have plesk running on virtual machine on SSD drive but some web pages required large storage therefore I added second spinning hdd and mounted it into the file system.
How this could be used within plesk? I was trying symlink but that was not supported by FTP and apache.
I recently signed up a new client to my dedicated server - The minute they switched over to my server, it seems that all hell broke loose. (I'm going to refer to them as "Company A")
Company A called me up and said that one of their employees was getting a huge amount of SPAM and that after a day or two, they were having issues with their E-mail.
I looked at my logs and it showed something unusual-
LOGIN FAILED, user=myclientuser@companya.com, ip=[::ffff:XX.XXX.170.47]: 110 Time(s)
When I explained this to Company A, they ran some virus checks on their computers and 3 out of 5 computers had viruses on them.
They claim to have fixed the viruses but now, they cannot send e-mails to specific clients.
I checked their I.P. against blacklists and they are using Comcast cable internet at their location and I cleared their only blacklisting (spamhaus.org).
I'm still getting calls that Company A cannot e-mail a few of their clients and just to make sure it's not JUST them, I tried to send a test e-mail to the same clients as Company A.
The e-mails from me were rejected due to time-out.
HERE IS MY QUESTION:
Is this an issue on MY end that must be taken care of *OR* is it due to the fact that they had viruses on their computers and now they are blocked because the virus tried to attack everybody in THEIR e-mail address book?
None of my other clients are complaining of e-mail issues or that e-mails are getting kicked back. Just Company A.
I've been carrying some weird hours lately, so I'm able to see activity on my sites that I normally don't see.
Certain IPs are trying to diddle their things into my server and need the boot. It's not consistent (ie not happening every 5, 10 mins)... it's periodically throughout the months. I'll see an IP I blocked 2 months ago just randomly show up at 4:30am and try accessing the same files it was probing during it's last visit. Assuming this is just some sort of bot, can I block it permanently?
I know APF has a collection system that purges an IP list to keep it from bloating, and I had PSM do some hardening so I'm not entirely sure about the workings of APF firewall. So far my IP blocks are blank (which is a good sign!), but I'd like to add some nuisances to it, to keep their crap from appearing in my error logs anymore as "Denied by Server Configuration"
My question is: Can I block people at server level permanently? I do not want their IP being taken out with the purge list that comes by every so often.
My server is getting a lot of spam robots registering as fake users into my forums (altho most emails are invalid
View 2 Replies View RelatedIf your server is blocking googlebot from finding your robots.txt file, how do you configure your firewall to unblock it?
I've searched through Google and I've seen may people just say your firewall is blocking it, but none mention how to really stop it from doing that. Like does Google have an IP it uses, and if so, what is the IP you should whitelist for your server?
As I keep getting that message: Network unreachable: robots.txt unreachable
and I'm sure it's due to a firewall issue, just have no idea how to fix that.
I have a wierd problem on my server. I'm updating an order with my php shopping cart script and notice some of the orders hang on updating. After research I discovered the orders that wont update are orders that have domain names in the textarea field. More specifically. www.yourdomain.com will just hang if I try to update them.
After further research I discovered the if I put an backslash it'll update no problem. IE: www.yourdomain.com
This only happens with domain names inside a textarea. I'm not sure if it's a php config setting, apache setting, my firewall, mod_evasive, mod_security. I've looked at all of them and can't seem to find what is blocking the script from updating just because of www.domainname.com in a textarea.
Is there any way to block or monitor and find scripts such as rapidleech and other torrent upload scripts on a cPanel server?
View 2 Replies View Relatedhow can i remove list of blocking IPs on iptable on my server its over 100 IPs how can i remove it?
View 2 Replies View RelatedWhat traffic monitor would everyone recommend for sites that have as many as 5,000 to 10,000 hits an hour?
View 8 Replies View RelatedThis topic has probably been covered many times. I am trying to block spam bots from direclty accessing scripts on my site. Measures I have taken thus far, also block my site pages that want are designed to use the scripts. This includes Hot Link Protection and a couple of directives in the .htaccess file.
how I can block direct access to my scripts?
Every time my server tries to send mail to Gmails/yahoos - they reject it with the following message:
Code:
Apr 13 11:35:49 m1370 plesk sendmail[5009]: handlers_stderr: PASS
Apr 13 11:35:49 m1370 plesk sendmail[5009]: PASS during call 'limit-out' handler
Apr 13 11:35:49 m1370 plesk sendmail[5009]: handlers_stderr: SKIP
Apr 13 11:35:49 m1370 plesk sendmail[5009]: SKIP during call 'check-quota' handl er
Apr 13 11:35:49 m1370 postfix/pickup[1759]: C90FA61668: uid=48 from=<apache>
[Code] ....
I tried Qmail, same issue
Code:
Hi. This is the qmail-send program at m1370.contabo.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. It didn't work out.
<emailhere@gmail.com>:
2a00:1450:4013:0c00:0000:0000:0000:001b failed after I sent the message.
[Code] .....
Centos 6.6 + Plesk 12 Web Pro Edition
My server certainly did not spam Gmail servers, (my old server works fine sending email t gmail) I fear this has something to do with my "Postfix" configuration.
how many pageviews a server like this can handle a day?
Core 2 Duo 2.2 GHz
1024 MB RAM
160 GB 7200rpm SATA Hard Drive
Simple website with PHP and MySql, few graphics.
Is it possible that someone on the same network as my server (shared hosted, freebds) could somehow cause my traffic to be diverted to a new url after visitors landed on my website?
I assume this person has access to my home PC also and is reading what I type here etc. Has the ability to allow domains and IP's and divert others on my server, IS in the position to know who to allow and deny (my affiliates, customers etc IP's are recorded etc)
IF this was possible, how would I be able to catch this person out?
Where would I look for evidence of this and what am I looking for?
I don't manage my DNS and asking my server host (my suspect hosts with them too) gets a reply like: I don't understand what your asking? Do you need webaliser stats?
How would someone be able to do what I'm guessing is happening: That people can land on my site.. however, this guy can than redirect them to his own paying page. If I set a link here to my site..he'd soon add its domain to "allowed" etc etc.
I'm thinking I need access to server access to my dns, login info and Last Modified details on those file. I don't have these. I don't know what I'd be looking at if I had them.. and my server tech hasn't offered to look at such things.
My interest is more than intellectual.
Until last weekend my 2 1/;2 year project that has grown in sales volume beyond my expectations. I had had no contact with this person for 8 months and in that time sales where consistent. I Had changed all accesses, IP etc etc. I used to host with him. Then moved hosts since I didn't trust him (same problem back then - sales fell to nothing but traffic grew) moved to my current host.. not long after find HE is now on that host too.. now after I have contact from him again, sales have gone flat without any explanation, even though traffic has increased! 1:300 has become 1:10000 and I have checked everything site side (I'm a webmaster for over 10 years)
I'll be ruined very shortly and I don't know what to do.
secure a windows server 2003 traffic.
I have one server with a small number of clients <10. The clients have dynamic IPs.
The server hosts a number of public facing websites, email, FTP and remote desktop.
What I want to do is make port 80 respond to all web requests but lock all other services down so that they only respond to my 10 clients. I was thinking some certificate or VPN solution but I've ruled VPN out as I don't have a firewall or VPN so would I be able to do this with IPSEC?
Is there quick utility that would do this or can you point me to a good example article?
We're expecting a large spike in traffic (40k visits in one day) soon. We’re running on a very powerful server with CentOS & cPanel.
Is there any specific configuration we can setup to prepare for the large visitor spike? The website is very database and PHP intensive. We want to avoid any downtime.
which processor for an high traffic server?
DELL Xeon 3065 or Intel Dual Core E 2140
what the max number of hits is a quard core server with RAID disk system can handle, it is running on a Linux with separated MySQL server?
The host says there are no restrictions on the bandwith, but somehow it is strange we always only have MAX 300 users online (24/7/365) now I wonder if it just is that way or if some users might be denied access from time to time when they try to enter some of the websites hosted on the server ?
Maybe you know a monitoring service or something that can tell if this is an issue.
i have question which i'v serched for answer for it more than 3 days , may be more.. but i still can't catch it.
now if i have aWin EST server , and i have t remote desktop . i can creat accounts right?
well , if i need to manage the traffic for evry account, and give account whatever 500 GB trffic , another account with 500 GB , another with 300 GB , etc etc..
how can i know they have reched thier limite and they stop useig more from the server?
billing system to control the traffic between router and servers. I thing I need a billing system installed on server with webgui like those used by ISPs but I need it working with paypal and other payment gateways.
The other solution is to use radius server but I will need it working with payment gateways. Can you recommend me a good radiuns server with many options?
how you monitor the traffic of each individual VPS on your dedicated servers?
View 4 Replies View RelatedIs it actually possible to find Windows dedicated server with unlimited traffic (1Gb Pipe)and reliable 24/7 technical support? Cause I have searched and found out that if the traffic is unlimited the pipe is too small, and if the pipe is big enough traffic is limited and additional one costs a fortune.
View 7 Replies View RelatedI have a client with a site (wordpress blog) that gets 10,000 + hits a day. I need to find him a dedicated managed server so that his site runs smoothly and also has no outages. I just received a quote from another host for his Managed Dedicated Servers.
CPU1: Intel Xeon 5310 Clovertown (Quad Core)
CPU2: Intel Xeon 5310 Clovertown (Quad Core)
Total CPU Cores: Eight (8)
System RAM: 6144MB (6GB) DDR2 ECC Registered System RAM
Primary Hard Disk: 73GB Serial Attached SCSI (SAS) 15,000 RPM High-Performance Hard Disk
Second Hard Disk: 250GB SATA-II 7,200 RPM Hard Disk (nightly backup disk)
Data Transfer: 2000GB Premium Monthly Bandwidth (100Mbps uplinked port)
Operating System: CentOS Enterprise Linux 5 64-Bit (x86_64)
Control Panel License: cPanel / WHM + Fantastico Auto Installer$695 a month
He posts about 5-10 blogs a day too, so it's definitely a growing community website. He also has a forum with 6500 posts and 389 members.
Is this a reasonable price for a dedicated server? Would you recommend a different configuration of hardware that might make it cheaper? I would also like some examples of other sites on similar configurations if you have any, so that I can show my client what they use.
The server gets around 25k unique visitors per day, but one website in particular allows hotlinking and uses a lot of bandwidth. Last time I checked...according to whm apache status page, I was getting 180 requests per second. Not sure what time it was though. So it might be higher at a different time of the day.
Recently got mod_evasive installed, but I didn't want it to block out legitimate users. Currently it's set to this...
<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 5
DOSSiteCount 100
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 10
DOSBlockingPeriod 600
</IfModule>
what a better configuration would be? When I run the log I already see it block out a bunch of IP's. I don't want to lose any visitors to this program, but I do get ddos a lot.
how to monitor the traffic usage of the VPS's on a dedicated server? We have OpenVZ & XEN VPS's
View 5 Replies View RelatedHow do i setup vpn server on windows 2003 so that client traffic go through the remote vpn server? Something like strongvpn.com service which change the client ip address.
I tried setting up, now client able to connect to the server using windows vpn. But once connected, internet cannot work. How to use the vpn server as gateway?
Server have only 1 network card.
Can windows xp act as vpn server for the same purpose?
My video sharing site has high traffic, alexa rate:3,000
My site has 2 servers to split the load. 2 servers share a mysql server. Using rrdns to load the balance.
Server A running mysql 5.0,lighttpd
Server B running lighttpd.
Server B connect to A's mysql database.
During peak time. B can not connect to A's mysql server. It says server not responding. But A still running fine.
When I check mysql log file.
/usr/libexec/mysqld: Forcing close of thread .....
And when run top, the load average is 20.
The spec of Server A
Intel(R) Xeon(TM) CPU 3.06GHz dual core.
2G Ram.
Here is the my.cnf
Quote:
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1
max_connections = 1000
wait_timeout=60
connect_timeout=10
interactive_timeout=120
join_buffer_size=1M
query_cache_size=128M
query_cache_limit=2M
max_allowed_packet=16M
table_cache=1024
sort_buffer_size=2M
read_buffer_size=2M
My question, do I need another maching C to run lighttpd, and just keep mysql on A.
Or I can do some mysql optimization on A.
Also, if my site keeps going, can I have 1 mysql server and 5 http servers?
I'm working on launching this online store for a poster designer, and we're becoming more and more aware that we need a really robust and fast server. This site is looking at extremely high levels of activity whenever this designer posts a new poster. We're talking 1700 people surfing the store (downloading med-high resolution poster images) and 300 posters sold in 16 seconds kind of thing.
So, we need a really robust hosting, to work with PHP5 and MYSQL.
My previous go-to hosting provider was Lunarpages, but their customer service has gone down the crapper, and I've just about had it with them. My main questions are:
Should I be looking into getting a dedicated server, or are there hosting companies that can handle this kind of traffic on a shared server? I don't have experience administrating a server, so if we got a dedicated one we would have to pay the host to do at least some of the setup/administration, I would assume?
Dedicated server or not, what's a hosting company that has really good customer service, where we can be assured of getting somebody knowledgeable without having to wait on hold for 20 (or even 10) minutes?