My site [url],gets alot of downtime for alot of users across UK / US.
There are 2 reasons in mind,
One: Firewall / IPtables freak out and ban hostnames that are used by those users.
Two: ISPs blocking the site, due to the fact its hacking oriented.
so, how can I check?
one issue I noticed, users that cant access the site `get server not found`, can always access the site from IP but not domain :|[url]
I'm having an weird issue about PageNest, an offline browser which somebody is using to copy my website and the worst part is makeing my server run slow i think because of to many acceses.
I have tried to block his IP using APF firewall
/etc/apf/apf -d xx.xxx.xx.xxx
After this he is still on top of the list (netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n)
341 requests from his IP
I checked the apache status page and he is still there too , and cPanel's Latests 300 visitors, the same he is copying like 16 images / second
/photo-gallery/toyota......
Http Code: 200 Date: Feb 19 08:11:59 Http Version: HTTP/1.0 Size in Bytes: 2927
Referer: http : // www . mywebsite .....
Agent: PageNest Pro/3.04
I tried than to block myself and it blocked me I wasn't able to access those pages that he was able and I used the same command for bouth IP's (his and mine)
Any ideea how come he's still able to spider my website ?
PS. in the mean time , as I saw that he wasn't stoped by the APF I added 3 lines of PHP code into my function.php file :...
I received a complaint from some of my clients, stating that they can't connect to their site because "it is not online"
Now, the site works perfectly from my PC (both on IE and firefox), I've checked its availability on host-tracker.com, and it's being spidered by google, which clearly means it is online
However, those clients' ISPs won't let them access the site for some unknown reason...I believe it's some DNS issue (probably they refuse to cache IPs from the country the sites are hosted on, which is Holland for the record)
Is there anything I can do, DNS wise, to solve the issue? It's getting frustrating because they think I'm not doing my work and I can't just tell them "your ISP sucks"..
I am currently in the throws of configuring a new dedicated "Windows Web Server 2008 / IIS7 / Plesk" server. As part of the setup I have obviously made sure the firewall is correctly setup. After doing this I have run a remote port scan (from my internet connected PC) to the IP address of the server. This has brought up two ports that should be blocked:
5190
1863
I can open a remote telnet session to both these ports, however if I remote desktop to the server and attempt a telnet connection both ports fail to respond.
Does anybody know what these ports are?
If it helps at all, the firewall surrounding the server is an external Cisco device
It appears that I may have my access blocked from my home network to my web site. I was attempting to set up a POP email account the other night on the server. Since then, I have not been able to access my domain name through ANY of my browsers.
Also, I cannot log-in via FTP. I also tried from my iPod touch on my wireless network at home, no access.
I was able to access and FTP today at work. I also can access on my blackberry. How is this possible?
for the first time in my sites life(10 year site) google blocked it. when you type my site google says that my site has malicious code in it.as we find it the problem in my site came from the company where i hosted it.we clear all the files for the malicious code and now its all ok.i want to ask if anyone knows for his experience how much days google will check my site again to see if all its ok.i send them before six hours via webmaster tools, a request for eaming agin my site,but i dont knwo how will do these. so i am asking anyone of you,who had same experience.any help will be appreciate.please help me with anything you think that might be useful for me to having my site back again in google correctly!
View 5 Replies View RelatedDo you know of any German ISPs that peer with the following:
DE-CIX (Germany)
AMS-IX (Amsterdam)
LINX (England)
Also could you point me in the direction of some reliable German Rack Hosting Companies (Franfurk). As we are a GSP (Gameserver Provider) the network needs to be strong and reliable.
to colocate a 1U in the DC metro area for $100/month for a small non-profit I work with. The service necessary is pretty basic -- 1Mbps or so would do (preferably unmetered so we're not on the hook for overage charges), 1 or 2 IPs would be fine, and the only real service necessary (besides steady power and connectivity, of course) would be the occasional remote reboot and 24/7 facility access.
I've come close to settling on Crosslink Internet (web site at www dot crosslink net, silly system won't let me post the URL directly because I'm new), because they're the only place I've found that can meet that price point. Before I commit, though, I wanted to hear from you guys:
* Are they a reliable ISP? They sound sort of low-budget over the phone, and while that's not necessarily a valid indicator of reliability, it makes me nervous.
* Are there any other decent ISPs in the Northern VA vicinity that could meet this price point that you guys would suggest over Crosslink?
Anyone have recommendations / references for Mexico / Latin America wireless ISPs and coverage areas?
IP satellite coverage?
Also looking for recommendations for Mexico / Latin America data centers (something like half rack, 20 amps, reliable, redundant, etc)
Do you recommend a software firewall when behind a hardware firewall?
All of our servers are behind Cisco ASA 5505 firewalls which we rent from Liquidweb. All are being managed correctly and setup to there optimal levels. With hardware firewalls firmly in place, do you still recommend a software firewall such as APF or IPTables (we're talking linux); in our opinion we see it as an extra administration overhead. If this is however untrue, we will change out thinking.
I've found a dedicated server at a great price and plan to stick with it, my first ( already have 2 vps accounts ). I don't have the money for a hardware firewall. However, I do have a chance to renew a Kerio WinRoute Firewall license from way back.
Does anyone think this would be better than the default windows 2003 firewall?
i have vbulletin forum with 250,000 member
i tried to send a message to them so i used this blugin
[url]
and send 200 message every 10 minute
after 4 days my ip address are blocked from yahoo server
every mail i want to send i get this message
[TS03] All messages from xx.xx.xx.xx will be permanently deferred; Retrying will NOT succeed. See [url]
All of a sudden my sites are not visible to me hosted in the same cirtex hosting account. I have verified that it wasn't spyware messing with my local computer and can view the site via a proxy. They use cpanel and there is no block visible, but there has to be something somehwere. I told them to restart and that did make the site visible until I checked in the morning, Where would a block be if this is it and is there a chance this was done by a hacker?
View 1 Replies View Relatedhow willing your ISP/carrier is to block one or multiple IP addresses that have may have been causing issues for you such as DDoS attacks, hackings etc.
What has been your experience? Please provide as much detail on your experience as possible.
I am blocked by MSN. All email messages directed to any @hotmail.com address is rejected, here a typical message:
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
name@hotmail.com
SMTP error from remote mail server after MAIL FROM:<user@mydomain.com> SIZE=1802:
host mx3.hotmail.com [65.54.244.200]: 550 Your e-mail was rejected for policy reasons on this gateway. Reasons for rejection may be related to content such as obscene language, graphics, or spam-like characteristics (or) other reputation problems.
I have never spammed nor sent similar content as that listed above.
My host provider says they are contacting MSN for an explantion, but time is running and I need to find a solution to this, because I have some customers (hosted in my server) which need to answer to @hotmailers prospects on their product/services.
Attached is a (badly) drawn diagram of two sites, connected by a vpn.
The site to the left, is network 10.0.0.0/24 which runs a linux server as the router for the network.
The site to the right, is network 10.1.0.0/24 which runs a windows 2003 server as the router for the network.
Now, my problem is, the clients behind the windows 2003 server can ping any machine on the first network because i setup a static route to route all traffic to 10.0.0.0/24 over the vpn interface.
now, my problem is, only the linux server can ping any machine on the windows 2003 network, any client behind the linux server cant seem to route over the interface.
I have the following route on the linux server: .....
Starting point: a working site using a shared IPv4, dedicated IPv6, and SSL. HTTP and HTTPS work, the latter only using SNI of course.
The good news: If I simply allocate an IP resource of 1 to a subscription it is pulled from the pool, assigned to the service node, assigned to the web site, DNS is updated, and the site is automatically changed to using a Dedicated IPv4 and Dedicated IPv6.
The bad news: visitors land on the default web site of the service node, with the default SSL certificate.
Other info: I can't ping the new IP, even though it shows in "ip a l" and /etc/sysconfig/network-scripts/ifcfg-eth0:0. [edited]
After the IP assignment, it is still installed, and /etc/httpd/conf/plesk.conf.d/ip_default/domainname.conf shows the new certificate is being used.
However, a second set of VirtualHost entries is created in server.conf for this IP for ports 80 and 443, with NameVirtualHost enabled on the new IP. The port 443 entry uses the default certificate. Apache's setup this default VirtualHost entry will override the web site configuration because Apache is listening on port 443 with the wrong cert.
If I go to "Change webspace settings" and toggle to Shared IPv4, Dedicated IPv6 the site works again via HTTPS, and Dedicated IPv4 and Dedicated IPv6 breaks it again. Setting the SSL cert to None and back again does not work.
Setting the SSL cert to None, changing to a dedicated IP, and enabling SSL results in the server being inexplicably inaccessible...browsers no longer connect to either the default site or the correct site, and I don't see any entries in the vhosts's logs.
I need to block a specific IP:
93.6.224.242
It adds fine when I do:
iptables -A INPUT -s 93.6.224.242 -j DROP
However, the IP is still accessing files and pages on the site according to Apache:
When I ban other IP's they are blocked from accessing anything on the server (e.g. it wouldn't even reach Apache level because of firewall), but this IP just isn't banning properly.
am using APF firewall and am getting ddos from these range ips
4.68.25.*
8.0.4.*
8.0.5.*
how could i delete all the range from these ip's?
I have recently switched to GreenGeeks, great company and great support, but I am having a huge problem that all my clients and I are having problems with. No one can send emails to ATT, Verizon, Earthlink, Comcast, Etc. because they bounce back as being blocked. I have contacted them to unblock the IP and they do, but then a few days pass and it's blocked again. WTH? I've contacted GreenGeeks and they are aware of the problem but I really need to move on with this problem, does anyone know of any solution to do?
Example: ....
We just got a new windows server and didnt put an antivirus or configure windows firewall, while setting up for the 1st two months.
our IP address has been blocked twice now by this company, on saturday, released on monday and blocked again on tuesday.
[url]
we applied to have it removed which they did and blocked it again, they claim we were spamming, which we never did
We have installed mcafee and setup windows firewall.
One of my clients ran an e-mail bomber and gmail is blocking all emails from my server. I've searched but can't find a way to reach google or unblock the IP.
View 6 Replies View RelatedI have exim mailserver (cpanel based),and when i send mails to some domains i have got the following error
550 Service unavailable; Client host [xxx.xxx.xxx.xxx] blocked using 88.blacklist.zap; Mail From IP Banned To request removal from this list please forward this message to delist@frontbridge.com
How can i solve this issue ? How can i avoid my IP from listing in 88.blacklist.zap?
Recently switched firewalls from APF and CSF, and so far couldn't be happier! But I do have some questions on SYNFLOOD_RATE within CSF.
Currently have a setting for "40/s" and I am still getting many messages in /var/log/messages with *SYNFLOOD Blocked*.
If I enable Synflood checking, the load on the server increases, but the bandwidth usage decreases. But I'm wondering if 'good' visitors are getting turned away?
Is the setting meaning block above 40/s per IP?
Or simply block above 40/s?
Also, does the firewall simply drop the packets above 40?
And is the IP Blocked?
They started blocking my Port 25, so I made an iptables entry on my server to redirect posrt 26 to port 25 so I could set my outgoing mail for my server (from Outlook) to port 26. But one day later teh bastards are blocking my port 26 too! Guess they just don't want ANY outbound mail send from anything but their servers! If I had any other option, I'd dump Comcast in a heartbeat!
View 3 Replies View RelatedI'm testing scripts on new server now, and server has 2 problems.
1. I can not enter domain name as "get" parameter. For example, if I'm requesting URL like domain.com/file.php?url=[url] - it does not work. If I'm requesting URL like domain.com/file.php?url=[url](please note it has INVALID extension for TLD) - it works!
2. fsockopen and file_get_contents does not work. I added these settings into php.ini:
allow_url_fopen = On
allow_url_include = On
...and nothing works. I get just blank pages when using these functions.
Server is running cpanel + apache 2.2 + php 5 + APF firewall
Been running CSF and very happy with. Just wondering if anyone periodically has to restart CSF because it is blocking something it shouldn't? For example, I have port 5151 open in csf.conf, suddenly (at random) the port will be blocked. I restart CSF and everything is fine.
View 4 Replies View Relatedi have a customer whos isp blocked both port 110 and 25, so far i was able to fix the problem with sending e-mails (port 25) but i cant see where do i change or add another port for receive email on my server, and since i cant do it... there is no point on opening a port in the firewall.
View 10 Replies View RelatedI have blocked an IP both in host.deny AND in iptables...and the guy is still able to access my server...any suggestions or something to look for.
CentOS 4.5
I setup php on my IIS in my box and i know i set it up correctly, but each time i reinstall it because of this error i keep getting it.
When i try to see any php file on my IIS through a web browser it shows me some login page no matter what kind of php file it is.
If its html or asp it works fine like here
66.221.255.17
or 66.221.255.17/index.html
but this doesnt work it shows some login
66.221.255.17/index.php and so do all other php files.
My user said he can not view his site from his IP address. His friend from the same ISP also canot access the site.
But i can access from my ISP. So I think probably his IP address has been baned. Therefore, how can I check that? and how can i make his IP range available back?