Default APF Blocks Softlayer IP Range And WHT
Aug 3, 2009
This came as a surprise today, I setup a server-based RSS reader and could not get WHT's forum RSS feeds. A little digging revealed it was the default APF installation that was blocking the 174.0.0.0/8 range, which includes WHT and a chunk of Softlayer's ip range.
The quick fix is easy, just remove that range from the /etc/apf/internals/reserved.networks file and restart, in the latest apf version, I don't know how many apf versions back this block goes.
The APF folks do a fantastic job in keeping APF up to date, but this seems to be recent update to this particular ip range that hasn't made it into APF yet.
View 5 Replies
ADVERTISEMENT
May 26, 2007
APF (on my server) often blocks me and some other browsers but I don't want it to do this. Let me give the last one log below;
Code:
May 26 09:38:01 linux apf(9884): (insert) deny all to/from 85.101.x.x (my ip)
After 20 minutes automaticly deleting the block.
May 26 09:58:02 linux apf(11064): {delete} deny all to/from 85.101.x.x
View 7 Replies
View Related
Oct 29, 2009
I guess some of you have had the same problem in the past.
I am looking to host 20 different websites on 20 different C-block ips.
It's very hard to find a provider that does this so up to time I am ordering every account to different provider but this results in a big overhead.
View 6 Replies
View Related
Aug 31, 2008
does aynone know how to modify the file /etc/network/interfaces (using debian linux) in order to have 2 different 8 IP - Blocks on one server? I guess one needs somehow 2 gateways, but I am not really sure how to set it up. So I did try it that way, which didn´t work: ....
View 2 Replies
View Related
Mar 27, 2008
This weird issue has poped up only this weekend , when csf blocks all ips and even ssh, email and all services are not accesible, even though server is working, but firewall puts a block on everyone, and appears offline to others, any ideas why csf and iptables are not responding and acting in this behavior, i asked jonesolutions.com last time it happened i got no reason/response which could be the culprit.
Could it be the kernel update/upgrade that was done, to optimize load which broke csf and its working?
as this is 2nd incident over last 2 days , and i had thought my management had fixed it. Upset here over the unwanted for no reason downtimes!
Here is the output for this command after i restart csf again, and thats like average too i get over the entire day.
root@webhosting1 [~]# netstat -an |grep :80 |wc -l
188
root@webhosting1 [~]# netstat -an |grep :80 |wc -l
168
Connections to server dont seem to be high enough to pooch the firewall.
View 14 Replies
View Related
Apr 12, 2007
well they get permission denied to view the site, i have flushed the server firewall but yet again several user dont get access to view the site...
View 6 Replies
View Related
Mar 18, 2009
Does any one else use the free hosting byethost and have problems with them blocking user agents like googlebots and phpld site verification agents?
Otherwise their hosting is good but a huge drawback is that Google is blocked from accessing my site and I cannot get back links in many phpld directories because they cannot verify my site as their user agent is banned by the host.
If you upgrade to a paid account are these restrictions removed?
View 7 Replies
View Related
May 5, 2009
I recently got a dedi from Hivelocity, and they installed CSF/LFD. On my previous hosts, I didn't have this, just cPHulk. With this dedi, I'm receiving nearly a dozen daily emails from LFD with IPs that have been blocked for multiple failed logins, mostly with username root, but also sales, staff, admin, system, etc., and a few for port scanning.
Is this normal? I've already disabled direct root login via SSH, and I'm not really worried about anyone actually managing to gain access, I'm just curious about the high number of attempts. On previous hosts, where I actually had active sites and forums, with links posted on other forums that are indexed and nicely ranked by Google, I rarely received any emails from cPBrute at all.
View 1 Replies
View Related
Nov 22, 2008
What is the cheapest and easiest way to have say 20 different sites all on different IPs?
Just buy 20 different cheap hosting accounts?
Or can a reseller account or server add different IPs per site? And I mean a pretty big difference in IP not just last number.
All very small sites, about 3mbs space needed, and probably not even a gig of bandwidth a month.
View 4 Replies
View Related
Jan 28, 2008
One of my friends has a web server that runs Jetty. And he's having issues with users using Safari getting blocked by Jetty through a login process. The result after attempting to login is a 404 error. That just says machine blocked and URI=
and then below powered Jetty://.
This only happens with Safari.. I was wondering if anyone had any ideas on what could be causing this or is familiar with Jetty?
View 1 Replies
View Related
Jan 25, 2008
This is an issue I've been having for a few months now and haven't been able to resolve yet with my data center, AOL support and the company who manages the server for me. My main reason for posting this is for a fresh set of eyes and to see if anyone else has had a similar problem in the past (and how they fixed it)
The issue is this:
I set up a dedicated server to host my web design clients a few months back and no one has been able to send to or receive mail from AOL addresses. I've gone through everything at the postmaster.aol.com site and have ensured that reverse DNS records are in place for all IPs associated with the server, as rDNS is a mandatory requirement for AOL.
Once my support requested was finally elevated to a real AOL support tech, they confirmed that my IP was not being blocked by their servers and are still under the impression that the problem must be on my end somewhere. Because this problem only occurs with AOL (we can send/receive with all other big providers - yahoo, hotmail, gmail, hush, etc), my server management team are fairly certain it must be an issue on AOL's side.
When sending mail from an AOL address, it bounces back with an error like so (real emails replaced with example addresses):
451 <email@exampledomain.com>... exampledomain.com: Name server timeout
Message could not be delivered for 2 hours
Message will be deleted from queue
When sending mail from my server, it bounces back with an error like so:
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
exampleaddress@aol.com
retry timeout exceeded
When attempting to manually deliver a message to AOL from the Mail Queue in WHM, I get an error like so:
Message xxx-example-number is not frozen
delivering xxx-example-number
Connecting to emr-d01.mx.aol.com [205.188.159.2]:25 ... failed: Connection timed out (timeout=5m)
LOG: MAIN
emr-d01.mx.aol.com [205.188.159.2] Connection timed out
Connecting to emr-m01.mx.aol.com [64.12.136.169]:25 ... failed: Connection timed out (timeout=5m)
LOG: MAIN
emr-m01.mx.aol.com [64.12.136.169] Connection timed out
LOG: MAIN
== example@postmaster.aol.com R=lookuphost T=remote_smtp defer (110): Connection timed out
When attempting a manual telnet test from my server to AOL's mail server at , it also times out with the following:
Trying 64.12.137.184 (connection timed out)
Trying 205.188.156.248 (connection timed out)
Trying 205.188.159.57 (connection timed out)
telnet: Unable to connect to remote host: Connection timed out
The AOL support tech explained that if my server IP were being blocked, it would return messages with a block error code instead of timing out. They suggested my firewall was blocking AOL's server....but both my data center and server management company said that isn't the case.
Because I can't duplicate this problem with anyone but AOL accounts, I don't know what else to troubleshoot or look for. I know AOL is notorious for blocking IPs and most email related problems are usually for lack of rDNS, but neither of those issues are the problem in this situation...so I don't know what else to try. My server management company (PSM) and AOL (once they finally elevated me to a real tech support person), have been very patient and helpful....but we still haven't been able to identify the problem and I feel incompetent for not being able to contribute on my own. I've researched for weeks and certainly understand more than I did, but still far less than they do.
AOL did direct me to a Windows Server troubleshooter relating to UDP packet size limitations with some firewalls that could cause MX query timeouts with AOL, Earthlink and Quest...but because I'm on an Apache server...I didn't know if that could be related at all to my issues (not to mention that I didn't even know what any of that meant until I went and looked up what a UDP packet actually was. I'm still not entirely sure I understand it). Even so, I did send the information to Platinum Server Management a short while ago, but haven't heard back yet.
Anyways.... in the meantime, I thought I'd check here in case anyone else had the same issue or saw something obvious we might not be considering.
My server details are as follows. I included my data center and management company details to illustrate that people far more qualified and intelligent than myself have performed the most common and obvious troubleshooters so far:
Pentium IV 2.8GHz /1GB DDRAM /120GB EIDE HDD
OS: CentOS 4.3
cPanel/WHM
Main Server IP: 66.79.163.138
Example Domain on the server: vedadesigns.net
Data Center: Dediwebhost.com (awesome service & fast support)
Initial Server Setup & Management: Platinum Server Management (I just can't say enough good things about these people)
View 5 Replies
View Related
Jun 1, 2007
I just uninstall apf and install csf firewall on 4 servers
There is a problem after that. 2 of the server actually was OFFLINE by 12 midnight sharp yesterday night. This is the second time (second day) it happens.
I went into the datacenter and
#ping yahoo.com
*Host not found*
#service csf stop
#ping yahoo.com
*Responding*
So how is this related to eth0 making my server offline by itself? Was it Iptable problem or Csf problem? or Kernel problem?
View 7 Replies
View Related
Sep 14, 2014
I have a brand new and fresh installed server with:
Parallels Plesk v12.0.18
openSUSE 13.1
My Problem is, every day i have to click on activate in the settings of the firewall. Otherwise i have no Mail. The rest (Hosting, etc.) works fine.
No changes in the firewall settings where made, just a migration from my old server.
View 6 Replies
View Related
Dec 3, 2014
we use CentOS Linux 7.0.1406 (Core) Plesk Version 12.0.18 Update #26 I got reports of several users on my system, and i can confirm this myself, that fail2ban is blocking courier imap and postfix connections when i try to connect to the Plesk Server with Outlook 2013 and theBat and the Apple Mac Mail Client.
I used the correct login information but fail2ban blocked the IPs for no obvious reason:
Code:
2014-12-03 12:46:57,908 fail2ban.actions[920]: WARNING [plesk-postfix] Ban 82.134.94.102
2014-12-03 12:46:58,049 fail2ban.actions[920]: WARNING [plesk-courierimap] Ban 82.134.94.102
I disabled the two jails now and it works perfectly. But why is fail2ban blocking valid requests ? I tried it myself and i did not enter a wrong password or something. MaxRetry is 5 so this should not be a problem. The problem is not affecting all users but just a few. However all of them are using correct credentials so i dont understand why they are being blocked at all.
View 1 Replies
View Related
Jun 12, 2007
Let's say when i first joined the datacenter, i'm given some 16 IPs from 123.123.123.*.
Now that i need more IPs, and they have to give me IPs from 123.123.124.*, am i right to say i need a new switch?
Now is it possible that i link up the new switch together, so that both switch can pick up any available IPs from either range?
View 12 Replies
View Related
Mar 22, 2007
I'm running a web server with mod_evasive and want to know how can I prevent mod_evasive from blocking the googlebot crawler ip address.
Is there a script out there that can detect this crawler and make sure its ip doesnt get blocked by iptables or mod_evasive?
View 9 Replies
View Related
Nov 5, 2009
am using APF firewall and am getting ddos from these range ips
4.68.25.*
8.0.4.*
8.0.5.*
how could i delete all the range from these ip's?
View 4 Replies
View Related
Apr 6, 2008
I set up a forum for a small group of users, so I don't really wish to see spiders or bots on it, so I've put a robots.txt file there to prevent all of them from accessing the forum pages.
I know not all bots follow the robots.txt rule, and these days a really annoying bot called MUNAXNET or Munax AB with IP range 82.99.30.0 - 82.99.30.127 is causing the forum to have extra and unexpected loads.
I've tried to block this IP range with .htaccess and uploaded it to the root of the site a few days ago, here is the content:
<Limit GET HEAD POST>
order allow,deny
deny from 82.99.30.0-82.99.30.127
allow from all
</LIMIT>
However strangely it seems that all of these are not working for this bot, today I saw my forum had 80 users online and that army still keeps coming and browsing all pages of my forums...
I tested the .htaccess with blocking myself, and it actually worked for me, dunno why it's not working for that bot..
View 3 Replies
View Related
Jun 11, 2008
we want a dedicated server with a full range of ip with our own company name(or with my name) and abuse mail
+ kvm and apc access
we need a good support too , for example if we want to check our hard disk the provider check it fast
View 5 Replies
View Related
Mar 8, 2007
I need to ban IP range and I inserted say ip 12.44.0.0 in the deny_hosts rules, this should ban range from 12.44 but strange is people from that range still be able to access my site, any idea what went wrong?
View 3 Replies
View Related
Feb 27, 2007
Server: OS RHEL 4
Web Server: Apache1.3.37
Hi. I want to block a range of IPs. Currently, I use the following command as an effective weapon against the IPs of people I find in the log trying to do bad things.
/sbin/route add -host x.x.x.x reject
Works like a charm. I then put the offending IP in the file /etc/rc.d/rc.local so that it will reload the bad ips when the server reboots next.
I also use the CSF/LFD firewall, and it successfully blocks single, offensive IPs also.
What I need, though, is the ability to block an entire range of IPs. For example, i have a very persistent hacker trying to access from a certain range like so....
255.155.x.x.
The last two numbers are always changing but the first two remain the same.
How do I block this "range" of IPs from accessing my server?
Note, I know how to block a range of IPs in a .htaccess file for a certain account, I put this in the .htaccess file...
deny from 205.196.
But when I try this with /sbin/route, it will not accept the ip. My firewall will also not accept a range of IPs.
View 3 Replies
View Related
May 7, 2007
Is there any way to block all and just allow certain IP using APF or iptables?
I want to block all the traffic to the server and just alow IP range.
View 4 Replies
View Related
May 14, 2009
I have a client who needs to block IP range on a windows server. However, he is using Cloud hosting from Rackspace. I guess they are not being corporative in doing so. Anyway to do this without root? Perhaps from the control panel?
View 4 Replies
View Related
Jan 13, 2008
I am getting my quote back Tuesday but need a little bargaining power with these guys...
Oakland, Ca datacenter
40mbps, 20A, 42U rack.
What should I be looking at price range here, how much per mbps?
Only info I've seen is from 2003 where people were saying $200/mbps. Obviously prices have come WAY down. I've seen people on here reselling internap bandwidth for $12/mbps, but they might have bought a huge commit.
View 14 Replies
View Related
Jul 6, 2008
i have 2 range ip
range 1 is : 111.111.111-119
range2 is : 222.222.222-229
how may i add both range?
i can add for one range,but about 2 rage i can`t
View 5 Replies
View Related
Mar 28, 2008
from 36 hours we have really critical issue:
we have 3 server with Liquidweb that have problem to "resolve" a server locate in Italy
Email sent from server with LW to Italy server is not sent and stay in queue.
We try to force delivery and error is:
Message 1Je39R-0000wk-3N is not frozen LOG: MAIN
cwd=/usr/local/cpanel/whostmgr/docroot 4 args: /usr/sbin/exim -v -M
1Je39R-0000wk-3N delivering 1Je39R-0000wk-3N Connecting to italyserver.com
[**.**.**.**]:25 ... failed: Connection timed out (timeout=5m) LOG: MAIN
italyserver.com [**.**.**.**]:25 Connection timed out LOG: MAIN
== email@italyserver.com R=lookuphost T=remote_smtp defer (110): Connection
== timed out
--
We have check, there aren't problem with port and firewall
All seesm ok, for all server
We have try to restart exim, reboot, ..
Emails don't start from 3 server LW to 1 in Italy
We have try to ping from server LW the Italian server and the problem is the same, found IP but 100% packet lost..
If we ping from 3 server LW a IP of server that is "over" the server IT is all ok
The problem seems only with single IP
So, we have try to send from server in Italy to 1 of 3 server under LW.. same problem
------
Message 1JeSBO-0003CD-HO is not frozen LOG: MAIN
cwd=/usr/local/cpanel/whostmgr/docroot 4 args: /usr/sbin/exim -v -M
1JeSBO-0003CD-HO delivering 1JeSBO-0003CD-HO Connecting to
mail.serverlw.it [**.**.***.**]:25 ... failed: Connection timed out
(timeout=5m) LOG: MAIN mail.serverlw.it [**.**.***.**] Connection
timed out LOG: MAIN
== email@serverlw.it R=lookuphost T=remote_smtp defer (110):
== Connection timed out
------
LW support not have suggest solutions and also Italian support not have idea of problem solution
View 3 Replies
View Related
Jun 11, 2008
we want a dedicated server with a full range of ip with our own company name(or my name) and our own abuse e-mail address
+ kvm and apc access
we need a good support too , for example if we want to check our hard disk the provider check it fast
any body know anywhere to provide this services with a good price?
View 3 Replies
View Related
Jul 21, 2008
I would like to use different Class C IP ranges across my domains for better cross linking. Of course, all domains are closely related to a particular niche.
I am currently on imountain.com, they have been extremely helpful and good. But wondering if same host can provide me different class C IP range?
want to confirm this before i order a new server from them.
or should i just go for another hosting provider? wondering anyone as good as imountain?
View 5 Replies
View Related
