Apf Block Connection, How Can I Check And Fix
Jul 18, 2008
I have apf installed on my server and it looks likely be inreachable,
and i try to reboot the server,
after rebooting, i can not connect from my pc to it any more,
i go to console and test,the server can ping and traceroute the out servers,
i think the newwork is online and the afp black the coming connection.
i try to run "apf -f" to stop the apf,
and my friend can connect the server laster.
i think it may be because the apf black the out-coming connection,
now,i need to check why the apf black others and try to fix it and restart the aps,
can anyone teach me how can i do now?
my server os is centos
View 5 Replies
ADVERTISEMENT
Aug 9, 2007
I want to make a PHP script to check the status of Internet Connection outside the LAN.
I was thinking of Google Ping, cause google's ping are fast and their robust network is never offline.
View 0 Replies
View Related
Apr 16, 2008
Can you conduct me to check the server speed by commands ( linux fedora )?
How to check connection speed of the server. i.e. 100 Mbps , 10 Mbps, etc.
I saw an message like this : " NIC Link is Up 10 Mbps Full Duplex", according to my knowledge, this is my server connection speed/ bandwidth is 10 Mbps, isn't it?
View 2 Replies
View Related
May 14, 2008
i want to know how much connection/session numbers to my server,
are there any method to get it?
View 1 Replies
View Related
Nov 7, 2008
sometimes, some people may try to guess the password of ssh,whm,ftp,...etc,
or any ddos attack,
do you only use iptables to place this problem?
or do you install any other scripts to secure your server?
my serve is centso.
View 6 Replies
View Related
Apr 7, 2008
I have ftp server (pure-ftp). with firewall.
i allowed 20 and 21 port in "CSF" firewall
now when i or our client connect to the server connection done.
and the they fire dir or ls command they will receive error
"425 Could not open data connection to port 2535: Connection timed out"
what is the problem.i have already allowed passive port 2500:3500 then why i received this types of error
View 3 Replies
View Related
Jul 1, 2009
I would like to know how to check load via ssh and check files causing load?
I want the ssh codes for 2 different set of control panels, one with cpanel+whm and other with kloxo+hypervm
and I would also know how to check the files causing the load, such as some files could have been interrupted while processing, so they could be causing load some times, so I want to stop such processes if any are running on the vps on my friends accounts
View 5 Replies
View Related
Jul 8, 2009
I am curious, what is the best way to ban certain IP from accessing server? I have software firewall (APF) and there is, of course, /etc/hosts.deny.
Which is the most efficient? I've read that software firewall becomes unstable after so many entries. Does the same apply to /etc/hosts.deny file?
Or is there a better way altogether?
View 7 Replies
View Related
Jun 8, 2009
some Chinese forums hotlinking images from my site and I even delete those images they keep sending me huge amount of http requests to my hosting server and eating 800mb of memory and upto 1GB cause server crash
I tried to block incoming referrer traffic from those sites using htaccess but it didn't work , I still see their http request on my server logs and memory keep goes high , am not sure my code is the right
how can I block these http request from these domains , what is the right htaccess code , I use DirectAdmin panel by the way
View 7 Replies
View Related
Apr 10, 2008
i recently purchased a VPS from internetvps.com, but im not sure what OS of linux it is. How can you check the OS of the server?
View 10 Replies
View Related
May 16, 2007
Can any one let me know how to block a range IP on SSH?
Eg: i'd like to block all IP: 67.63.123.xxx
View 5 Replies
View Related
Jun 7, 2007
Let's say I have a VPS with 512 MBs of RAM.
How do I check in shell that this is indeed the case?
I read in some places that "top" and "free -m" and such can help.
But these gave me way more than 512.
Here is the output from my "free -m". Total shows here 3886 MBs of MEM??? That is almost 4 Gigs. Please someone explain this.
total used free shared buffers cached
Mem: 3886 3721 164 0 17 542
-/+ buffers/cache: 3161 724
Swap: 6142 2020 4121
View 4 Replies
View Related
Jan 9, 2007
I'm currently experiencing a lot of IP's starting with 200 and 201 (from Brazil) some IP’s have over 200 connections. I have APF installed and want to know how to block a block on ip's if this is possible.
IPS:
200.11.*******
201.*******
View 3 Replies
View Related
Apr 27, 2007
I have DDos Attack right now so I want to block all the IP from all over the world and just allow certain IP range.
How to do it using APF or any other way.
For example I want to block everything but Germany IP
Code:
53.0.0.0/8
62.4.64.0/19
62.8.32.0/19
62.8.128.0/17
62.24.0.0/19
62.26.0.0/15
62.40.0.0/19
62.44.32.0/19
62.48.64.0/19
62.50.32.0/19
62.50.96.0/19
62.50.192.0/18
62.52.0.0/14
62.61.32.0/19
62.68.0.0/19
62.72.0.0/18
62.72.64.0/19
62.75.128.0/17
62.78.64.0/20
62.80.0.0/18
62.80.96.0/19
62.89.160.0/19
62.91.0.0/16
62.93.192.0/18
62.95.128.0/18
62.104.0.0/16
62.109.64.0/18
62.109.128.0/19
62.111.0.0/17
62.112.32.0/19
62.112.64.0/19
62.112.128.0/19
62.116.128.0/18
62.117.0.0/19
62.128.0.0/19
62.128.160.0/19
62.133.0.0/19
62.138.0.0/16
62.141.32.0/19
62.141.160.0/19
62.145.0.0/19
62.143.0.0/16
62.144.0.0/16
62.146.0.0/16
62.152.0.0/19
62.152.160.0/19
62.153.0.0/16
62.154.0.0/15
62.156.0.0/14
62.165.0.0/19
62.168.192.0/19
62.169.0.0/19
62.176.128.0/19
View 2 Replies
View Related
Apr 15, 2007
how can i block to access to some IP?
for examaple scripts in my hosts can not access to some IPs i want
View 6 Replies
View Related
Mar 20, 2007
Quote:
Nobody Check 1.0.3 Current on cPanel
Tue Mar 20 16:00:02 SGT 2007 on blue.mydomain.com
Server Load: 16:00:02 up 21 days, 14:02, 0 users, load average: 2.73, 2.20, 2.08
Warning: Malicious Nobody Process Found
=========================================
Options: kill bad proc=1 logging lvl=1
SCAN SUMMARY
========================================
Clean Processes: 57
DETECTED Malicious Processes: 1
DETECTION DETAILS
========================================
DETECTION: Process 4221 with name php and path /usr/bin/php
Process ID: 4221 has been killed
Restuls for PID: 4221
total 0
dr-xr-xr-x 3 easyzz easyzz 0 Mar 20 16:00 .
dr-xr-xr-x 291 root root 0 Feb 27 10:01 ..
dr-xr-xr-x 2 easyzz easyzz 0 Mar 20 16:00 attr
-r-------- 1 easyzz easyzz 0 Mar 20 16:00 auxv
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 cmdline
lrwxrwxrwx 1 easyzz easyzz 0 Mar 20 16:00 cwd -> /home/easyzz/public_html
-r-------- 1 easyzz easyzz 0 Mar 20 16:00 environ
lrwxrwxrwx 1 easyzz easyzz 0 Mar 20 16:00 exe -> /usr/bin/php
dr-x------ 2 easyzz easyzz 0 Mar 20 16:00 fd
-rw-r--r-- 1 easyzz easyzz 0 Mar 20 16:00 loginuid
-r-------- 1 easyzz easyzz 0 Mar 20 16:00 maps
-rw------- 1 easyzz easyzz 0 Mar 20 16:00 mem
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 mounts
lrwxrwxrwx 1 easyzz easyzz 0 Mar 20 16:00 root -> /
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 stat
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 statm
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 status
dr-xr-xr-x 3 easyzz easyzz 0 Mar 20 16:00 task
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 wchan
Netstat:
Environ:
Hello, I got this notification from the 'Nobody Check'.
Is there anything I need to be aware of? ..
View 3 Replies
View Related
May 22, 2007
confirm this is only 1gig of ram?
Mem: 1034096 985128 48968 0 157944 559136
-/+ buffers/cache: 268048 766048
Swap: 2040212 160 2040052
Total: 3074308 985288 2089020
View 3 Replies
View Related
May 5, 2009
Fortigate appliances blocking an IP that is not in RBLs I have a problem with the IP 66.187.108.157 of my VPS it seems to be blocked by Fortigate appliances, as you can see in this error message:
SMTP error from remote mail server after RCPT TO:[url] host mail.am.com.pe [200.62.221.107]: 554 5.7.1 This message has been
blocked because it is from a FortiGuard - AntiSpam black IP address.(connection black ip 66.187.108.157)
However I have searched in this URL [url]and it is clean.
Any ideas on how to have/force Fortigate databases to become updated.
View 1 Replies
View Related
May 12, 2009
I'm having difficulties with a whm running on centos dedicated server. The problem is that we receive too much of spam and junk emails. by too much I mean 2000 bulks per week. It's killing us.
how I can stop it.
View 14 Replies
View Related
Apr 20, 2009
I'm running CSF on a Cpanel server and have questions about new features in CSF
Apache Check
Check Apache weak SSL/TLS Ciphers (SSLCipherSuite)
Results
Cipher list []. Due to weaknesses in the SSLv2 cipher you should disable SSLv2 in WHM > Apache Configuration > Global Configuration > SSLCipherSuite > Add -SSLv2 to SSLCipherSuite and/or remove +SSLv2. Do not forget to Save AND then Rebuild Configuration and Restart Apache, otherwise the changes will not take effect in httpd.conf
Can someone explain this in laymen terms? I know this is new in Cpanel. I'm already running Apache 2.2, PHP 5.2.9 with suPHP enabled and mod_security as well (these rules: [url]
Also, what exactly are these CSF checks?
Check csf PT_SKIP_HTTP option
This option disables checking of processes running under apache and can limit false-positives but may then miss running exploits
Check csf SAFECHAINUPDATE option
This option closes a window of opportunity that opens when dynamic chain updates occur
View 3 Replies
View Related
Jun 11, 2009
how to check using SSH if the HD is SSD drive in a linux box?
View 1 Replies
View Related
Jul 18, 2009
How can we be sure that we are facing ddos attacks any good command which will make me 100 percent sure that there is ddos attacks on server ?
View 12 Replies
View Related
Jul 4, 2009
IM about tired of spam and hackers putting phishing items on my server.
My question is.
How can I block the whole world expect for US, CA and UK?
I've added several countrys to csf's csf.deny list but half of them keep disappearing.
View 14 Replies
View Related
Feb 26, 2009
Is it possible to run a hardware check on my VPS?
For instance DFT (Drive Fitness Test) or Memtest?
I'm running HyperVM and WHM.
View 3 Replies
View Related
Apr 10, 2009
I have one client who cannot see my server and all domains on it. I;ve checked if his IP is block or not and I didn't see his IP on the apf deny host file. How to you check IP if it can see my server? I just want to make sure before calling the ISP.
View 3 Replies
View Related
Jun 12, 2008
Is there any way to block a particular ISP? Have a visitor that changes IP hourly, but the IP always resolves back to a hostname like dsl.yuns.sksk.uk .
I have CSF installed. Any way to block all visitors from dsl.yuns.sksk.uk?
View 3 Replies
View Related
Jul 22, 2008
I used this script
[url]
Now, via command line how can I check that ALL these work and are enabled for example? I'm not talking about visually seeing the files there, I mean actually enabled.
View 1 Replies
View Related
Jun 17, 2008
in one of my servers i have this line in my ConfigServer Security & Firewall:
190.28.118.155 # lfd: 10 (suhosin) login failures from 190.28.118.155 - Mon Jun 16 23:27:50 2008
is this ok? i mean... its an attack of some sort? i know suhosin is meant to increase php security, so its blocking an attack right?
View 0 Replies
View Related
Apr 29, 2008
I have blocked this IP 125.115.144.28
/etc/apf/apf -d 125.115.144.28
But
netstat -anp|grep tcp|awk '{print $5}'| cut -d : -f1 | sort | uniq -c | sort -n
It still showing
202 125.115.144.28
Why?
Is it supposed to blocked right away, or need some time to get blocked.
When I checked /etc/apf/deny_hosts.rules
The IP is in the file.
View 12 Replies
View Related
Apr 11, 2008
I recently added ubl.unsubscore.com to my email server. I only have that one and the SpamHaus (Zen) activated.
I am able to see the SpamHaus listed on DNSStuff and on SpamHaus website that the person trying to email me is not listed.
So I have to think that it is ubl.unsubscore.com list. But what domain name can I enter into the browser to check this list? www.unsubscore.com does not work. A little searching led me to lashback, but the IP is not listed there either.
View 2 Replies
View Related
Aug 6, 2008
You know, maybe, how to check if my provider has bgp4?
Via unix command or somnething...
View 0 Replies
View Related
