I've one main web server, the problem is that many people (now including myself) are often receiving "Connection timed out" messages in their web browser when trying to visit websites. This web server is a CentOS 5 machine and the HTTP server in use is Apache 2.2.
Of course, I've considered contacting server admin people who will look at this sort of thing on a one-off price or manage my servers at a periodic billing rate - but I'd much prefer to see what others have to say here first... hopefully learn some new stuff. It isn't a huge problem right now, but it can be annoying browsing the websites because a refresh would be required to connect again. I've learnt everything I know about Linux etc myself so far, through the likes of WebHostingTalk.. now is time for me to learn about TCP, HTTP, Apache and more if anybody has any ideas about this problem.
When running netstat, I'm seeing a rather large amount of TIME_WAIT's, I'm thinking this could have something todo with the connection time outs?
Here is my netstat output for TCP: [url]- notice all of the HTTP TIME_WAIT's for gangsternation.net? (also, a couple of other sites with less traffic)
All of a sudden my sites are not visible to me hosted in the same cirtex hosting account. I have verified that it wasn't spyware messing with my local computer and can view the site via a proxy. They use cpanel and there is no block visible, but there has to be something somehwere. I told them to restart and that did make the site visible until I checked in the morning, Where would a block be if this is it and is there a chance this was done by a hacker?
how willing your ISP/carrier is to block one or multiple IP addresses that have may have been causing issues for you such as DDoS attacks, hackings etc.
What has been your experience? Please provide as much detail on your experience as possible.
I am blocked by MSN. All email messages directed to any @hotmail.com address is rejected, here a typical message:
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
name@hotmail.com SMTP error from remote mail server after MAIL FROM:<user@mydomain.com> SIZE=1802: host mx3.hotmail.com [65.54.244.200]: 550 Your e-mail was rejected for policy reasons on this gateway. Reasons for rejection may be related to content such as obscene language, graphics, or spam-like characteristics (or) other reputation problems.
I have never spammed nor sent similar content as that listed above.
My host provider says they are contacting MSN for an explantion, but time is running and I need to find a solution to this, because I have some customers (hosted in my server) which need to answer to @hotmailers prospects on their product/services.
It adds fine when I do: iptables -A INPUT -s 93.6.224.242 -j DROP
However, the IP is still accessing files and pages on the site according to Apache:
When I ban other IP's they are blocked from accessing anything on the server (e.g. it wouldn't even reach Apache level because of firewall), but this IP just isn't banning properly.
I have recently switched to GreenGeeks, great company and great support, but I am having a huge problem that all my clients and I are having problems with. No one can send emails to ATT, Verizon, Earthlink, Comcast, Etc. because they bounce back as being blocked. I have contacted them to unblock the IP and they do, but then a few days pass and it's blocked again. WTH? I've contacted GreenGeeks and they are aware of the problem but I really need to move on with this problem, does anyone know of any solution to do?
One of my clients ran an e-mail bomber and gmail is blocking all emails from my server. I've searched but can't find a way to reach google or unblock the IP.
I have exim mailserver (cpanel based),and when i send mails to some domains i have got the following error
550 Service unavailable; Client host [xxx.xxx.xxx.xxx] blocked using 88.blacklist.zap; Mail From IP Banned To request removal from this list please forward this message to delist@frontbridge.com
How can i solve this issue ? How can i avoid my IP from listing in 88.blacklist.zap?
Recently switched firewalls from APF and CSF, and so far couldn't be happier! But I do have some questions on SYNFLOOD_RATE within CSF.
Currently have a setting for "40/s" and I am still getting many messages in /var/log/messages with *SYNFLOOD Blocked*.
If I enable Synflood checking, the load on the server increases, but the bandwidth usage decreases. But I'm wondering if 'good' visitors are getting turned away?
Is the setting meaning block above 40/s per IP?
Or simply block above 40/s?
Also, does the firewall simply drop the packets above 40?
They started blocking my Port 25, so I made an iptables entry on my server to redirect posrt 26 to port 25 so I could set my outgoing mail for my server (from Outlook) to port 26. But one day later teh bastards are blocking my port 26 too! Guess they just don't want ANY outbound mail send from anything but their servers! If I had any other option, I'd dump Comcast in a heartbeat!
I'm testing scripts on new server now, and server has 2 problems.
1. I can not enter domain name as "get" parameter. For example, if I'm requesting URL like domain.com/file.php?url=[url] - it does not work. If I'm requesting URL like domain.com/file.php?url=[url](please note it has INVALID extension for TLD) - it works!
2. fsockopen and file_get_contents does not work. I added these settings into php.ini:
allow_url_fopen = On allow_url_include = On
...and nothing works. I get just blank pages when using these functions.
Server is running cpanel + apache 2.2 + php 5 + APF firewall
Been running CSF and very happy with. Just wondering if anyone periodically has to restart CSF because it is blocking something it shouldn't? For example, I have port 5151 open in csf.conf, suddenly (at random) the port will be blocked. I restart CSF and everything is fine.
i have a customer whos isp blocked both port 110 and 25, so far i was able to fix the problem with sending e-mails (port 25) but i cant see where do i change or add another port for receive email on my server, and since i cant do it... there is no point on opening a port in the firewall.
My user said he can not view his site from his IP address. His friend from the same ISP also canot access the site.
But i can access from my ISP. So I think probably his IP address has been baned. Therefore, how can I check that? and how can i make his IP range available back?
My IP in clean from any blacklist/RBL databases but hotmail is blocking with the error message below:-
Remote host said: 550 Your e-mail was rejected for policy reasons on this gateway.
Reasons for rejection may be related to content such as obscene language, graphics, or spam-like characteristics (or) other reputation problems. For sender troubleshooting information, please go to [url]. Please note: if you are an end-user please contact your E-mail/Internet Service Provider for assistance.
I've just got a fully manage VPS, unfortunately the newly aquired IP was listed in PBL (policy Block List)by spamhaus which is a nonspam source. I've got the ip de-listed but apparently some servers are still rejecting emails coming from this IP. It have been almost 48 hrs. Question is:
1) How can the IP got listed when it's never been use? How can we check IP is indeed a 'fresh' or pr-owned by spammers?
2) What is the possibility of the IP being blacklisted by these servers forever? How long does it normally take for it to be totally in the clear?
3) What are the preventive measures that can avoid IP being listed?
4) Is configuring Reverse DNS PTR a standard procedure in server set-up and could missing that config be the main reason the IP got tagged?
Some of our servers are complaining that they can't access the website. How can we check the blocked IPs using IP tables rules? Are there any special command to check?
One of my hosted user complained that he can't access his website nor he can ping the website. When I asked him to access my 2nd server (same datacenter), it went fine. I could be thinking that my server is blocking his IP.
How do I check if his IP is blocked?
I am using APF+BFD Iptables firewall (i don't know but i hope this make sense)
I have a leased server that I use cpanel and webhost manager to manage. I've just set up the server in the past week and put our website on it and created all the email accounts. The emails are all working fine now, but we have another website on someone elses server that has sends an email (using php) and the emails aren't going through.
They went through just fine before I moved our site and email accounts over, and I've checked in cpanel to see if I had any spam filters turned on and I don't. I've also tried sending email manually using thunderbird and outlook, both work fine. Also, on our server, i've been able to send email through php.
Anyone know of a setting that I might be missing in my webhost manager?