I had csf firewall installed, and due to my own stupidity, attempted to login with the wrong password one too many times, which added my IP to iptables, locking me out. I had to SSH into a linux box at school, and then ssh into my server to stop the iptables service so I could get into my server.
I removed every trace of my IP that I could find in csf, but sometime in the middle of the night, iptables reloads some rules from somewhere that blocks me again. I also tried doing iptables -F to clear all rules, but again, sometime in the middle of the night, rules are reloaded and I get blocked. I even uninstalled csf to no avail. I just want to remove my IP once and for all.
Are you using any kind of external firewalling? I have enabled the passive ports in pure-ftpd and attempted to connect in passive mode, but it still fails.
and
Howdy,
You should allow connections on 30000 through 50000 for passive ftp
I use APF and APF is working with iptables , when I define a large number of IPs in deny_hosts.rules or allow_hosts.rules and restart the APF , iptables begins to display errors after applying some number of rules , I have set SET_TRIM="0" in APF , so the number of APF rules is unlimited and the error is from iptables.
Is there any setting in iptables config files for maximum number of rules?
Is it unlimited and depends only on system available memory? O/S , ...?
I have a VPS (Virtuozzo) with cPanel installed. I notice that iptables running in the VPS had many DROP rules when I listed using iptables -nL command. So I flushed iptabled using "iptables -F" command and also "> /etc/sysconfig/iptables" command and restarted iptabled. When I try to list the rules it would show empty. However when I try to list after a few minutes it is showing the same old rules with many DROP rules yet again! Is there anyway to remove the rules completely?
When I add a new site via New Account in WHM and once the domain resolves, the cPanel 'Great Success' page shows. I have verified the site is resolving properly.
This is a brand new installation and the only changes I have made is I updated apache via WHM.
My fedora server is running apf firewall. When I turn it off, clients can connect.
When I turn it on, it says MSG: Contacting Server.
I have already added ports 6100 and 3784 to /etc/apf/conf.apf by adding the ports to the lines, EG_TCP_CPORTS, EG_UDP_CPORTS, IG_TCP_CPORTS, and IG_UDP_CPORTS
I've been having an issue with one of my sites were someone has been adding malicious code to the index file. I don't know what has been compromised and am looking for a way to stop this.
I have a dedicated server have already upgraded MySQL to the latest version as I though that might work but it hasn't.
I just added a new PHP Handler with PHP Verison 5.5.18 as cgi and i always get an error when activating. I used the samte setting and php ini as the Buildin Ones
I tried to set up a site with a "dedicated" IP without SSL, and ran into this problem again. The new IPs (v4 or v6) are not reachable, pingable, or trace routable from outside the container, even from its PCS hardware node.This is what I get after adding the address in PPA:
By contrast, if I add an IP address through PVA, it is pingable. Note the differences, namely that PVA's ifcfg-eth0:0 has "BOOTPROTO=static" and the IPs double quoted. For those testing at home also note that PVA removed the existing IPv6 addresses (that it didn't know about).
I recently realized that domainkeys headers are not added to mail messages that are generated on our server. We are using MailEnable Enterprise 8.60 (upgraded on the Stardart edition, that is installed with Plesk).
I thought the problem could be related with this upgrade and created a new VM and tried that out. Installed Windows Server 2012 R2 Std, enabled DNS and IIS with ASP.NET versions, applied all updates, installed Plesk 12 and Upgraded to MailEnabled Enterprise. On the new server mails are going with the correct domainkeys headers.
Now I think that the problem was generated because of the Migration. On the old server Plesk 11.5 was installed and we didn't have any domainkeys issues. When we created our new server, with the same steps I wrote below, and migrated our backup to the new server, domainkeys headers weren't there anymore.
I couldn't find any documentation about this issue. Is there any commands to reset the settings related to domainkeys or may be it's a curruption in the psd database?
I signed up with Lunarpages a while back for a dedicated server for my business. Good price, managed hosting rocks, decent disk space... little problem once with a huge power outage, but **** happens, cool.
All is well until I wake up this morning to an email a minute about a failed cron job. It smells fishy, so I contact LUnar pages support to see whats up.
They inform me that some asswad had managed to brute force into my server using a temporary account I set up a while back for some tech support. (I prefaced this with 'im an idiot', so no you know why) Either way, my server now has a rootkit, plus other **** im sure im not aware of... so they propose to move me to a brand new fresh box. im thinking they are gonna charge me a fee for this, a fee for that... no way. All is free of charge.
Im ****ting kittens now.
so im resetting everything up, and i manage to look myself out of my database...(i told you I was an idiot.. and this was a looooong day already)
they fix it. again. no problem...
If you are looking for a dedicated server, go to lunarpages. otherwise you are a freaking idiot as far as I am concerned... Lunarpages, I love you, I want your babies...
PS: I am in no way affiliated with lunarpages... however, if they want to give me a free year on their servers, i wouldnt complain... *hint hint*
Any good secure rules for mod_security 2 that work well for shared servers?
Can someone share what rules you are using to secure your shared servers. Have tried a few different sets of rules, but a few customers always end up with errors and disabling it for their domain name doesn't sound like a safer option for them or the server.
how to create rules with ip/5hit/s is black list and auto ban ip with IPSec.
when test attack file .php info test : using code attack files. attack file test.php ( code files : <?php echo "we are test" ; ?> ) Ex : attack files test.php ( http://mydomain.php/test.php ) attack 200hit/s ( all files .php is not run ) php application is hang.
also wherewith code attack. i tested asp, html. it isn't problem. ( 1879hit/s ) ( good working)