SSH Access To My Server Only From IP Address IPtables
May 7, 2009
my question
i Have a server with centos and WHM cpanel , the last days i have read in the ssh log files (security) many failure logins from many IP adress
i read some about IPtables and everytime when i read in the log for an ip i block this Ip from IPtables , but this seems bad and boring exepiriance everyday.
so does anyone know the exact command for the IPtables , how to have access to my ssh ONLY from my ip address ?
my IP adress it is static and i want only from that ip to have access to the server and noone else from diferent ip
View 6 Replies
ADVERTISEMENT
Aug 28, 2012
How can I allow only one ip or a list of ip addresses to access port 8443.I need to limit access this port to few ip addresses and not everyone
View 6 Replies
View Related
Sep 11, 2006
for about only 3 months running, my server iptables has 36 ipaddresses blocked so far (most of them are from .edu.cn and .edu.tw, dunno why? maybe because of summer break hehe..).
Those IP got blocked mostly because of SSH bruteforce. Everytime I noticed any SSH bruteforce on my /var/log/secure, I just issued "iptables -A INPUT -p all -s [ipaddress] -j DROP"
so, I'm just curious, how about yours ? how many IP in your blocked lists?
View 2 Replies
View Related
Apr 25, 2007
I would like to setup a rule through iptables or something that will let me so, only one ip can have XX connections per minute/hour or whatever time is set.
or something that will ban ips that are opening massive connections kinda like this ...
View 14 Replies
View Related
Jun 3, 2008
I'm trying to help someone with a shoutcast bandwidth server issue.
They have almost maxed out their bandwidth on one server and need the shoutcast servers on another box (but needs to maintain the same ip)
I tried this:....
View 0 Replies
View Related
Jul 1, 2007
I recently looked at my secure and mesaages log and have been getting a lot of failed SSH root login attempts. So I thought I better do something about it.
Ideally I want to allow SSH login from just 3 remote public IP's, and block all others from even trying
How would you go about implementing this?
I have tried using IPTables, but I think im getting the rule wrong somewhere.
Here is what I have:
Code:
## Access to SSH from Pre-approved IP Addresses ONLY ##
iptables -I INPUT 1 -p tcp --dport 22 -s 123.123.123.123 -j ACCEPT
iptables -I INPUT 2 -p tcp --dport 22 -s 123.123.123.124 -j ACCEPT
iptables -I INPUT 3 -p tcp --dport 22 -s 123.123.123.125 -j ACCEPT
iptables -I INPUT 4 -p tcp --dport 22 -s 0.0.0.0 -j DROP
However this still lets me login from IPs not in the list above?
View 8 Replies
View Related
Dec 7, 2008
I was given 8 IPs by a provider but one of the IPs is unreachable.
The provider said that it could be a server or firewall misconfiguration on my part but the only thing that I installed is csf firewall and all the required ports are open.
Besides, if it were a firewall misconfiguration then why can I access the 7 other IPs?
View 1 Replies
View Related
Apr 19, 2009
Is it possible to limit ftp access to a server to only one ip address?
View 5 Replies
View Related
Apr 30, 2008
I am migrating a client from Plesk to my cPanel server and I want the client to be able to access webmail on their old server through their IP address during the migration.
On my cPanel server, webmail can be reached at [url]or [url]
The problem is that none of the above urls is working on the Plesk server. The webmail for the domain is currently at [url]. Could anyone tell how can I reach webmail on Plesk through their current IP address?
View 5 Replies
View Related
Apr 17, 2014
I'm using Concrete5 CMS to create a website. This CMS creates/manages all its webpages in a mySQL database. Thus, there is no physical folder associated with each webpage, so I can't simply create an .htaccess file and place it in the directory tree in the right sub-folder to restrict access for that sub-folder and all folders it contains.
I have one .htaccess file located at the root level (e.g top-level folder for the website).
QUESTION 1: I need place in this top-level .htaccess file to (1) restrict access to only two specific IP addresses that I can specify (blocking access to all other IP addresses), and (2) specify the URL addresses that I wish to apply this rule to?
For example, let's say my website is [URL] ....
And I want to restrict access to the [URL] ....
and my .htaccess file is located at
/home/myname/public_html/conc/.htaccess
What code can do that?
View 1 Replies
View Related
Jun 12, 2014
I currently run a fair size forum which is running IPB and the new version recommends mysql 5.6. Therefore I decided to go ahead and get this installed. In the process I managed to mess up all my sites completely like a moron and at one point couldnt access anything running modcgi. Now I have fixed almost all of it
Problem: Problem I have now is that I cannot access the plesk panel no matter what I try. Firstly I could not restart the service as it said that the database was missing, and therefore I have restored the PSA database from a backup. The service now restarts however looks slightly different to how I would usually see the restart:-
Stopping sw-engine-fpm: [ OK ]
Starting sw-engine-fpm: [ OK ]
However I cannot access the panel from the usual address. All I get is "Firefox can't establish a connection to the server at husky-owners.com:8443" . Im at a bit of a loss as to where to go from here.
View 4 Replies
View Related
Jun 19, 2013
I'm currently struggling with an issue on our Apache 2.2.24 home-rolled installation on an OEL 6.2 x64 linux server that front-ends for a Glassfish cluster via proxypass.The httpd.conf manages 4 virtual hosts with each virtual host entry rewriting to HTTPS.
Anyone trying to access the HTTP address redirects to HTTPS just fine.The issue is that anyone using the HTTPS address gets redirected to the Document Root defined in Apache instead of being proxypassed to Glassfish.
I had set up a dummy DocumentRoot with a simple index.html meta redirect and what happens is that anyone directly accessing HTTPS will hit the index.html file which redirects to the the https site. At this point it simply loops to infinity.
View 1 Replies
View Related
Jul 26, 2007
I just bought a new ip address and want to setup this new ip as my server's main ip, making the 'existing main ip' as the secondary ip.
Which means, this new ip will be the server's default ip address for all services, including when connecting to other server.
I'm using CentOs 4.5 and swsoft's panels: HSPcomplete & Virtuozzo Power Panel, and Webmin.
View 1 Replies
View Related
Jan 5, 2008
I execute the following commands, in the following order:
iptables --flush
iptables --zero
iptables -A INPUT -s 218.65.12.161 -j DROP
will that last command successfully ban that IP until reboot?
If not, what needs to be done? I can't access my site if I don't flush + zero iptables first but I need to be able to ban with iptables.
View 2 Replies
View Related
May 10, 2007
I don't know why, but the server locks up daily at different times of the day. I have to reboot, flush iptables and it will happen again hours later.
I don't know what to look for, what logs, etc.
I'm confident it is something within iptables
I have apf/bfd installed and dos deflate as well.
How can I trace this?
Nothing suspicious in /tmp either
View 4 Replies
View Related
Aug 15, 2007
i run iptables --flush my server go to full down and must go to restart
View 6 Replies
View Related
Jul 11, 2007
way to secure a server? I have iptables on my box but havent seen any scripts which i can base my config on.
I have seen that APF seems to be popular, and from the scripts seems quite simple to setup.
I'm not afraid of iptables per se but i would like a script on which to base for cpanel, do any exist?
I also like the simplicity of APF but i am currently running static nat on iptables and wish to maintain this functionality, the server is used as a vpn gateway.
Any ideas or links to base configuration scripts that would be suitable and maintain my static nat? Are there any checklists which i could go against to ensure everything is secure?
View 14 Replies
View Related
Apr 17, 2009
My server ban me sometimes, while I am surfing on one of my websites(mostly Drupal, Joomla, Wordpress). Sometimes it happens with first visit sometimes later. I couldnt find the reason. Sometimes I cannot either create a ssh connection after ban. But ping answered after ban.
Which path/logs should I analize to find it? I tried with grep but couldnt find:
grep -iR 'my.old.ip' /var/log ... /etc/apf ... /usr/local/apache/...
I think mod_security and suhosin cannot block ssh, then iptables, lokkit or apf must be preventer here.
Where are logs of Iptables and APF? Or how can I find the reason?
View 2 Replies
View Related
Apr 9, 2014
I'm in the process of installing PPA on infrastructure running Parallels Cloud Server. Each container has 2 interfaces, one public facing and a private interface for inter-server communication.
No problems installing PPA 11.5 (specifying IP's on commandline) or adding service nodes however, the firewall rules the documentation speaks of are nowhere to be seen? i.e.:
Important: After the installation, PPA creates the special firewall chain PPA-SN-Rules-INPUT used for communication with service nodes. Do not change it, otherwise, you will not be able to add service nodes to PPA.Click to expand...
Has this been dropped from PPA 11.5 ? (I recall seeing the firewall settings in 11.1) There is also no sign of the ppa.firewall tool that is also mentioned.
The only rule I see inserted is for Postgres on the management node, and 2 for pleskd on all of the nodes (open to world!).
View 2 Replies
View Related
Feb 6, 2015
My customer has an external facing Apache server that is acting as a reverse proxy to two internal applications. They have:
- external addresses for each app which resolve to different ip addresses, so app1.their_domain.com and app2.their_domain.com resolve to 77.3.170.10 and 77.3.170.11 respectively.
- the Apache server has two network interfaces with ip addresses 192.168.10.10 and 192.168.10.11
- the external ip addresses resolve to the above internal addresses
- the firewall between the Apache server and the internal app servers is configured to allow traffic from 192.168.10.10 to reach app_server1, and traffic from 192.168.10.11 to reach app_server2, both using port 7777.
I have configured a virtual host in httpd.conf for each ip, i.e.
Code:
<VirtualHost 192.168.10.10:80>
...
ProxyPass /app http://app_server1:7777/app
ProxyPassReverse /app http://app_server1:7777/app
RewriteRule ^/$ /app/app1 [R,L]
...
<VirtualHost>
and
Code:
<VirtualHost 192.168.10.11:80>
...
ProxyPass /app http://app_server2:7777/app
ProxyPassReverse /app http://app_server2:7777/app
RewriteRule ^/$ /app/app2 [R,L]
...
<VirtualHost>
This works fine in that the external address are being routed to the correct application, however the firewall is blocking requests to the second app as it appears the requests are coming from the Apache servers 'primary' ip address 192.168.10.10 instead of 192.168.10.11.
Is it possible to send requests using the ip address from the relevant VirtualHost?
Windows server 2008
Apache 2.2
View 1 Replies
View Related
Aug 4, 2008
I am using virtuozzo firewall to secure access.
I enter 58.27.175.211/255.255.255.0 for Source Address and Netmask for port 22.
But still I can connect using 58.181.103.217 or 58.27.151.120.
Second is it possible to enter two different ip address in source address?
View 4 Replies
View Related
Aug 13, 2007
I have a site on a windows 2003 server, the site is an ASP.Net site and is working prefectly. So say that the website is called www.mywebsite.com. This site also has a forum which uses vbulletin (php & mysql) and the forums are available at www.mywebsite.com/forums.
Currently the php and mysql are also running on the windows 2003 server. But I want to move all of my php sites off this server and onto a seperate linux box that is set up and ready to go.
So my question is even though www.mywebsite.com points to the windows server, is there any way I can set up DNS so that www.mywebsite.com/forums points to a completely different linux server?
View 3 Replies
View Related
Apr 15, 2009
I don't know enough about networking so I'm going to ask WHT community on this. I have a server with several sites. One of the site uses static IP and now it outgrows the server. I need it to be on a new dedicated server but retain the same IP.
How easy is it to add a new server and move/reassign the IP address to the new server? My host said it's impossible due to a networking issue. Is it really a technical issue or simply a policy?
View 5 Replies
View Related
Feb 23, 2008
This has threw me a little bit. I am to configure WHCMS for my server and its asking me for my server status address. Can some one explain what this odes, i know it has something to do with monitoring. Additionally how should i configure this?
View 2 Replies
View Related
Jun 4, 2008
i run a linux server with the planet it comes with ensim installed.
as some of you probabley heard about the fire at the planet and they offered to move my server to another facility but they have to change the server ip address which i agreed to it
the server is back online but i'm unable to acces any websites
i asked them to point all domains to the new ip address but they are really busy and i assume it would take a day or 2
when i login to ensim and list all sites i still see the old ip address listed under each domain, do i need to change that if so how?
will everything work once the they modify dns records?
View 2 Replies
View Related
Oct 16, 2013
I have Plesk 11.5 (service provider mode) on a Windows 2008 server IIS7.Most of my sites are developed in .asp and therefore i use a custom 500-100.asp error page that check s the IP of the visitor then displays either a friendly error, or if its my IP a full error of what has happened (it also emails me the error). This allows me to debug pages easily whilst developing and to keep an eye on anyone trying SQL Injection hacks on my sites (as the error and email also have session variables and IP address).I dont have root access to the server as it is a Webfusion dedicated server.I have following the Plesk documentation -
1) Switch on custom errors for the subscription
2) Look in virtual directories and navigate to error documents
3) Find the error in question (500:100) and change it to point at either a file or URL
FILE - I had the data centre add in the 500-100.asp error page in to the virtual template so that my page is available in the list of virtual files - this didn't work but that maybe because its not a static page??
URL - when i add the path it says its incorrect, if i add a fully qualified address, it accepts it but it doesn't work.give me a specific example of the URL that can be entered relative to the root as the format in the documentation isn't accepted. The last step is to restart IIS which is also an issue as i cant seem to do this from the Plesk panel..It is as if it isn't catching the 500:100 error, and only catching the general 500 error??
View 1 Replies
View Related
Mar 15, 2008
I cannot send emails to name@hotmail.com from any of sites hosted on my server. No mass emails. no unusual activities. Even though they blocked it. I filled out their forms but they didn't remove the block.
View 11 Replies
View Related
Jul 23, 2008
I am using cpanel and i want to change server ip address
how can i change it.
View 3 Replies
View Related
Sep 12, 2008
is there any simple write up or method to change the main server IP in WHM/Cpanel without screwing anything up? I have some new better IPs I wish to use for the servers base IP and accounts but I'm not sure what exactly needs to be changed to make the transfer without breaking anything.
View 5 Replies
View Related
