Firewall Blocks Server (or Eth0) Itself
Jun 1, 2007
I just uninstall apf and install csf firewall on 4 servers
There is a problem after that. 2 of the server actually was OFFLINE by 12 midnight sharp yesterday night. This is the second time (second day) it happens.
I went into the datacenter and
#ping yahoo.com
*Host not found*
#service csf stop
#ping yahoo.com
*Responding*
So how is this related to eth0 making my server offline by itself? Was it Iptable problem or Csf problem? or Kernel problem?
View 7 Replies
ADVERTISEMENT
Dec 23, 2007
If i have 2 NIC on my server 1 for private and 1 for public
if the public is eth1 than in the config of APF
IFACE_IN="eth1"
IFACE_OUT="eth1"
I should set it to eth1 instead of eth0
is that correct?
thanks
View 4 Replies
View Related
Mar 27, 2008
This weird issue has poped up only this weekend , when csf blocks all ips and even ssh, email and all services are not accesible, even though server is working, but firewall puts a block on everyone, and appears offline to others, any ideas why csf and iptables are not responding and acting in this behavior, i asked jonesolutions.com last time it happened i got no reason/response which could be the culprit.
Could it be the kernel update/upgrade that was done, to optimize load which broke csf and its working?
as this is 2nd incident over last 2 days , and i had thought my management had fixed it. Upset here over the unwanted for no reason downtimes!
Here is the output for this command after i restart csf again, and thats like average too i get over the entire day.
root@webhosting1 [~]# netstat -an |grep :80 |wc -l
188
root@webhosting1 [~]# netstat -an |grep :80 |wc -l
168
Connections to server dont seem to be high enough to pooch the firewall.
View 14 Replies
View Related
Sep 14, 2014
I have a brand new and fresh installed server with:
Parallels Plesk v12.0.18
openSUSE 13.1
My Problem is, every day i have to click on activate in the settings of the firewall. Otherwise i have no Mail. The rest (Hosting, etc.) works fine.
No changes in the firewall settings where made, just a migration from my old server.
View 6 Replies
View Related
Aug 31, 2008
does aynone know how to modify the file /etc/network/interfaces (using debian linux) in order to have 2 different 8 IP - Blocks on one server? I guess one needs somehow 2 gateways, but I am not really sure how to set it up. So I did try it that way, which didn´t work: ....
View 2 Replies
View Related
Jan 28, 2008
One of my friends has a web server that runs Jetty. And he's having issues with users using Safari getting blocked by Jetty through a login process. The result after attempting to login is a 404 error. That just says machine blocked and URI=
and then below powered Jetty://.
This only happens with Safari.. I was wondering if anyone had any ideas on what could be causing this or is familiar with Jetty?
View 1 Replies
View Related
Jul 1, 2009
I'm not sure if the trafic showed by munin graphics is normal or not because it seems it jumps to 2mbps in the morning and after few hours drops down to .5mbps
I don't host any storage websites, which should have lots of uploads, just normal websites, maybe a total of 10000 unique visitors/day on all accounts (I estimate this as I don't know how to find out exactly the number of visitors on all websites hosted on this server - 182 accounts)
My question is how can I see what exactly is making that trafic, maybe using a netstat command to see what processes are using the bandwidth.
View 11 Replies
View Related
Aug 13, 2008
How can change "eth0" speed to 100mbps and full duplex?
View 8 Replies
View Related
Apr 30, 2008
I rebooted my server and now munin is not showing any eth0 traffic. All other graphs are fine. I can see there is a ton of apache accesses so there is definitely eth0 traffic. Munin logs report no errors. I restarted munin and munin-node. I even did 'yum remove munin munin-node' and reinstalled again but it still doesn't work for eth0.
View 4 Replies
View Related
Dec 3, 2008
I am having network issues, local servers in the /24 are unable to connect to VPS's.
If I make the /etc/sysconfig/network-scripts/ifcfg-eth0 too especific by adding a netmask then Nodes with assigned IPs on a different /28 will stop working/ping.
Right now it works, but it doesn't allow local servers to connect to VPS's (a problem) as one of those nodes is a VPS backup center.
View 6 Replies
View Related
Jun 1, 2007
I just got my servers up, DNS servers what not and my main plesk server for shared/reseller hosting.
Now for the weirdest thing ever!
I started working on my plesk packages a few days ago, after I got plesk installed.
Systems stats as follows
Supermicro AS1021M-T2 barebone
[url]
Has 16GB of infeon DDR2-667 memory.
2 250GB hard drives in mirrored configuration with the Acera 9500 w/ 256MB of memory
Running Cent OS 4.4
For some reason, Everytime I go into Plesk, or any of the websites that are contained in Plesk, The nic card drops out, wont allow any activity to get through, both ways.
View 0 Replies
View Related
Sep 8, 2008
i have a problem when i wget anyfile after i install
APF+BFD into my server
my server is VPS ..
my VPS details is
---------------------
Server Name: bOx
User Name: b0x
Operating System: CentOS 5
RAM: 512 MB Guaranteed 2 GB BurstedTotal
Disk Space: 10 GB
Bandwidth Quota: 500 GB
Quota Used: 0 GB
Control Panel Type: cPanel (license enabled)
Server IP Address: 72.152.456.37
---------------------
now my VPS when i restart my APF its show me this
eth0: error fetching interface information: Device not found
eth0: error fetching interface information: Device not found
and my SSH Froze in this ..
View 12 Replies
View Related
May 26, 2007
APF (on my server) often blocks me and some other browsers but I don't want it to do this. Let me give the last one log below;
Code:
May 26 09:38:01 linux apf(9884): (insert) deny all to/from 85.101.x.x (my ip)
After 20 minutes automaticly deleting the block.
May 26 09:58:02 linux apf(11064): {delete} deny all to/from 85.101.x.x
View 7 Replies
View Related
Oct 29, 2009
I guess some of you have had the same problem in the past.
I am looking to host 20 different websites on 20 different C-block ips.
It's very hard to find a provider that does this so up to time I am ordering every account to different provider but this results in a big overhead.
View 6 Replies
View Related
Apr 12, 2007
well they get permission denied to view the site, i have flushed the server firewall but yet again several user dont get access to view the site...
View 6 Replies
View Related
Aug 3, 2009
This came as a surprise today, I setup a server-based RSS reader and could not get WHT's forum RSS feeds. A little digging revealed it was the default APF installation that was blocking the 174.0.0.0/8 range, which includes WHT and a chunk of Softlayer's ip range.
The quick fix is easy, just remove that range from the /etc/apf/internals/reserved.networks file and restart, in the latest apf version, I don't know how many apf versions back this block goes.
The APF folks do a fantastic job in keeping APF up to date, but this seems to be recent update to this particular ip range that hasn't made it into APF yet.
View 5 Replies
View Related
Mar 18, 2009
Does any one else use the free hosting byethost and have problems with them blocking user agents like googlebots and phpld site verification agents?
Otherwise their hosting is good but a huge drawback is that Google is blocked from accessing my site and I cannot get back links in many phpld directories because they cannot verify my site as their user agent is banned by the host.
If you upgrade to a paid account are these restrictions removed?
View 7 Replies
View Related
May 5, 2009
I recently got a dedi from Hivelocity, and they installed CSF/LFD. On my previous hosts, I didn't have this, just cPHulk. With this dedi, I'm receiving nearly a dozen daily emails from LFD with IPs that have been blocked for multiple failed logins, mostly with username root, but also sales, staff, admin, system, etc., and a few for port scanning.
Is this normal? I've already disabled direct root login via SSH, and I'm not really worried about anyone actually managing to gain access, I'm just curious about the high number of attempts. On previous hosts, where I actually had active sites and forums, with links posted on other forums that are indexed and nicely ranked by Google, I rarely received any emails from cPBrute at all.
View 1 Replies
View Related
Nov 22, 2008
What is the cheapest and easiest way to have say 20 different sites all on different IPs?
Just buy 20 different cheap hosting accounts?
Or can a reseller account or server add different IPs per site? And I mean a pretty big difference in IP not just last number.
All very small sites, about 3mbs space needed, and probably not even a gig of bandwidth a month.
View 4 Replies
View Related
Jan 25, 2008
This is an issue I've been having for a few months now and haven't been able to resolve yet with my data center, AOL support and the company who manages the server for me. My main reason for posting this is for a fresh set of eyes and to see if anyone else has had a similar problem in the past (and how they fixed it)
The issue is this:
I set up a dedicated server to host my web design clients a few months back and no one has been able to send to or receive mail from AOL addresses. I've gone through everything at the postmaster.aol.com site and have ensured that reverse DNS records are in place for all IPs associated with the server, as rDNS is a mandatory requirement for AOL.
Once my support requested was finally elevated to a real AOL support tech, they confirmed that my IP was not being blocked by their servers and are still under the impression that the problem must be on my end somewhere. Because this problem only occurs with AOL (we can send/receive with all other big providers - yahoo, hotmail, gmail, hush, etc), my server management team are fairly certain it must be an issue on AOL's side.
When sending mail from an AOL address, it bounces back with an error like so (real emails replaced with example addresses):
451 <email@exampledomain.com>... exampledomain.com: Name server timeout
Message could not be delivered for 2 hours
Message will be deleted from queue
When sending mail from my server, it bounces back with an error like so:
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
exampleaddress@aol.com
retry timeout exceeded
When attempting to manually deliver a message to AOL from the Mail Queue in WHM, I get an error like so:
Message xxx-example-number is not frozen
delivering xxx-example-number
Connecting to emr-d01.mx.aol.com [205.188.159.2]:25 ... failed: Connection timed out (timeout=5m)
LOG: MAIN
emr-d01.mx.aol.com [205.188.159.2] Connection timed out
Connecting to emr-m01.mx.aol.com [64.12.136.169]:25 ... failed: Connection timed out (timeout=5m)
LOG: MAIN
emr-m01.mx.aol.com [64.12.136.169] Connection timed out
LOG: MAIN
== example@postmaster.aol.com R=lookuphost T=remote_smtp defer (110): Connection timed out
When attempting a manual telnet test from my server to AOL's mail server at , it also times out with the following:
Trying 64.12.137.184 (connection timed out)
Trying 205.188.156.248 (connection timed out)
Trying 205.188.159.57 (connection timed out)
telnet: Unable to connect to remote host: Connection timed out
The AOL support tech explained that if my server IP were being blocked, it would return messages with a block error code instead of timing out. They suggested my firewall was blocking AOL's server....but both my data center and server management company said that isn't the case.
Because I can't duplicate this problem with anyone but AOL accounts, I don't know what else to troubleshoot or look for. I know AOL is notorious for blocking IPs and most email related problems are usually for lack of rDNS, but neither of those issues are the problem in this situation...so I don't know what else to try. My server management company (PSM) and AOL (once they finally elevated me to a real tech support person), have been very patient and helpful....but we still haven't been able to identify the problem and I feel incompetent for not being able to contribute on my own. I've researched for weeks and certainly understand more than I did, but still far less than they do.
AOL did direct me to a Windows Server troubleshooter relating to UDP packet size limitations with some firewalls that could cause MX query timeouts with AOL, Earthlink and Quest...but because I'm on an Apache server...I didn't know if that could be related at all to my issues (not to mention that I didn't even know what any of that meant until I went and looked up what a UDP packet actually was. I'm still not entirely sure I understand it). Even so, I did send the information to Platinum Server Management a short while ago, but haven't heard back yet.
Anyways.... in the meantime, I thought I'd check here in case anyone else had the same issue or saw something obvious we might not be considering.
My server details are as follows. I included my data center and management company details to illustrate that people far more qualified and intelligent than myself have performed the most common and obvious troubleshooters so far:
Pentium IV 2.8GHz /1GB DDRAM /120GB EIDE HDD
OS: CentOS 4.3
cPanel/WHM
Main Server IP: 66.79.163.138
Example Domain on the server: vedadesigns.net
Data Center: Dediwebhost.com (awesome service & fast support)
Initial Server Setup & Management: Platinum Server Management (I just can't say enough good things about these people)
View 5 Replies
View Related
Dec 3, 2014
we use CentOS Linux 7.0.1406 (Core) Plesk Version 12.0.18 Update #26 I got reports of several users on my system, and i can confirm this myself, that fail2ban is blocking courier imap and postfix connections when i try to connect to the Plesk Server with Outlook 2013 and theBat and the Apple Mac Mail Client.
I used the correct login information but fail2ban blocked the IPs for no obvious reason:
Code:
2014-12-03 12:46:57,908 fail2ban.actions[920]: WARNING [plesk-postfix] Ban 82.134.94.102
2014-12-03 12:46:58,049 fail2ban.actions[920]: WARNING [plesk-courierimap] Ban 82.134.94.102
I disabled the two jails now and it works perfectly. But why is fail2ban blocking valid requests ? I tried it myself and i did not enter a wrong password or something. MaxRetry is 5 so this should not be a problem. The problem is not affecting all users but just a few. However all of them are using correct credentials so i dont understand why they are being blocked at all.
View 1 Replies
View Related
Dec 17, 2008
Do you recommend a software firewall when behind a hardware firewall?
All of our servers are behind Cisco ASA 5505 firewalls which we rent from Liquidweb. All are being managed correctly and setup to there optimal levels. With hardware firewalls firmly in place, do you still recommend a software firewall such as APF or IPTables (we're talking linux); in our opinion we see it as an extra administration overhead. If this is however untrue, we will change out thinking.
View 3 Replies
View Related
Jul 21, 2009
How do you modify a server's firewall? We have a dedicated server with WHM installed and it appears we can't get into mail.domain.com because of a firewall setting (our host disabled the firewall and it worked fine, then of course put it back up).
View 6 Replies
View Related
Jun 26, 2008
which is the better apf or csf for more security
View 7 Replies
View Related
May 29, 2008
I want to install APF firewall on my vps server.
My server is OpenVZ based with hypervm.
But i dont know wich port used by hypervm and lxadmin and must be open in firewall.
View 5 Replies
View Related
Oct 26, 2009
I'm looking to colo 5 servers, 3 app servers, 1 db, 1 backup/sparedb. I am looking for something to provide a bit of protection in, and it seems like the ASA5505 is a good firewall, but I was wondering if anyone had any other recommendations?
I probably won't need ridiculous features, I wish it had gigE ports (I need to get a separate gigE switch for now, just for internal transfers+backups).
Is there anything else that might be a little cheaper, or do I need to upgrade to the 5510? Myself and one other person are the only people who would be VPNing to the internal server cluster, so we don't need massive connection rights.
I do not think I will be pushing 100mbits of data transfer, so I'm not worried about the throughput of the server.
View 14 Replies
View Related
Apr 18, 2005
What's the best firewall to use on a dedicated server? Maybe something free, or at a low cost - it's a necessary expense after all.
View 6 Replies
View Related
Nov 18, 2006
So I requested a total of 5 to 6 times for a reboot from my DC. Whenever I try to start my AFP firewall, it just hang my server. Even after I reinstall AFP and start it, it still hang my server! Is there any log file where I can keep track of the problem?
View 14 Replies
View Related
