I have a friend who usually manages my server, but he's been hard to contact, and these forums are officially my best friend
I figured out how to change the sshd config, and restarting the service to change the port. My friend installed a firewall due to ddos attacks, and I think i need to manually unblock the port that I would like to be the new sshd port. How can I find out what firewall I'm running, and where can I add a new port to the allow list?
I'm trying to change the ssh port on one of my servers, I have edited the sshd_config file and ssh_config. Changed the port, then enabled the port on APF. Restarted both APF and SSH.
Tried logging in via the port I specified, would not let me. Tried the default port, logged in fine. Why won’t it change to the port I specify?
Have some very important questions regarding changing plesk ports and creating full backups.
1. When changing plesks port number, what exactly will it effect? Will it effect auto updates, etc.?
2. When creating a backup, I'd like to backup the entire server to rollback at anytime when changes are made to core files, is this possible?
3. With backups, somehow I'd like to schedule backups to possibly make nightly copies to an external hard drive on my computer for a fail safe method just in case the server happens to crash and I'd need to restore to another server/service. How would this be possible?
I install and configure apf firewall on my VPS and i have a problem. The port 80 is open, my website it`s up and working but i can`t download anything.
Alright now this is the most intelligent way to send spam I have ever seen. Apparently a guy has made a PHP or Perl script that is acting as an MTA. That's right: He is neither using Sendmail nor Exim but he made a script that acts as an MTA. That means the script itself connects to third party mailservers via port 25 and communicates with the remote mailserver as if it was an MTA itself. This works even if Exim is entirely disbaled...
The spam still get's sent. The script is running only occasionally...not like a daemon.
So it is nearly impossible to locate it. You have no Exim logs to look at. And in the Apache logs any PHP script could be it... You are not able to find that out. Therefore I am unable to stop him unless I manage to block outgoing connections to another host's port 25 for any program but for exim.
How can I configure my firewall (APF) so that only Exim my connect to other servers via port 25? Is that even possible?
Do you still have to add each port individually to Server 2008's Firewall like we did on Server 2003?
If so, will the guides that were put out for 2003 work on 2008's? I want to be sure before putting all these ports in....if I can just specify a range instead, it would be much easier!
From some reasons, plesk is blocking incoming 25 port (in plesk shows opened, but it's not)My emails are delivered trough port 25, after doing some tests ( i've sent some emails to an email account hosted in the server) there was no email in the roundcube inbox! All emails were blocked...
a) Firewall was blocking the port 25 on server restart. b) I have succesfully unblocked it from plesk manager -> tools -> edit/change -> even if i didn't change anything, i saved the "changes" and in my roundcube inbox i recived all the test emails. c) In /var/log/maillog there is no error.
2. Passive FTP gets blocked in the same way, to successfully connect FireFTP on passive mode i need to repeat 1.b steps even if i've created a special rule to prevent the blocking, opening 49152-65534 ports and set PassivePorts 49152 65534 in /etc/proftpd.conf
The issue appears randomly, because in the last 5 days i didn´t restart the server, the last time i checked it worked. Today, without touching anything, firewall blocked my passive FTP and I had probmels reciving emails from gmail, yahoo etc...
/dev/sda1 is mounted to / on my dedicated server, however, it is 100% full and cPanel is having problems with it. Is there a way I can clean out some files?
Additionally, I cannot SSH into the server since sshd keeps failing. Anyone know what I can do?
I'm sure /dev/sda1 isn't usually mounted to / but who knows.
I am trying to customize the knoppix CD so that the SSH server can be started while the system has been booted up. I've tried to install the service and setup the appropriate run level (update-rc.d) but still the SSH daemon couldn't be started up automatically. I had to start it up manually while the system is booted up. I have an idea is to put the startup command in the /etc/rc.local, but not sure if that would work, but I prefer to start it up from the run-level. And what about the /etc/inittab, any idea on that?
Here I got a sshd issue, which confused me a lot. I just purchased a dedi yesterday.
cPanel11+WHM panel, Fedora7 system. When I use top -c to check the system, most of the times I would see four or five sshd processes "sshd: unknown [priv]" are running, and about 5 minutes later they will disappear.
With my sshd installation, I have password authentication disabled, and only accept key-based auth. What I want to do is, make sshd lie about it's accepted authentication methods, or even make up a few to confuse anyone who's trying to connect. For example,
Currently I am using Linux + cPAnel and using the port 25 for email sevrer. Currently we facing 1 problem is, some user's ISP is not support port. May I know how can I add additional port into server and allow users to send mail by different port?
Do you recommend a software firewall when behind a hardware firewall?
All of our servers are behind Cisco ASA 5505 firewalls which we rent from Liquidweb. All are being managed correctly and setup to there optimal levels. With hardware firewalls firmly in place, do you still recommend a software firewall such as APF or IPTables (we're talking linux); in our opinion we see it as an extra administration overhead. If this is however untrue, we will change out thinking.
I have an office internal website and I opened a port in the gateway of my office (7080) to this website (server )'s 80 port. That makes this website open to public as office has static IP. And then when I view the site from home . it's fine. But when I tried to login, the site is using a pop-up, I guess it's http authentciation, login, I was redirected to a url without my port number any more, that stops my access to the site as obviously I would.
I've found a dedicated server at a great price and plan to stick with it, my first ( already have 2 vps accounts ). I don't have the money for a hardware firewall. However, I do have a chance to renew a Kerio WinRoute Firewall license from way back.
Does anyone think this would be better than the default windows 2003 firewall?
