Nodos Blacklist - It Banned Me From My Own Server

Aug 13, 2008

I just lost access to my site, but wannabrowser & siteuptime, etc. all said it was up!

I ran ipconfig /flushdns and everything.
Finally, I unplugged my wireless & router and waited. Plugged it back in, everything worked (I had a new IP)

The only suggestion I can come up with is that my own security protection filtered me! How can I view the nodos blacklist to see if this is the case?

I already checked iptables -L and my IP (and range) did not show.

View 4 Replies


ADVERTISEMENT

I Am Banned From My Own Server

Feb 22, 2007

I can't seem to access my server. I can get in through a proxy but not with my own IP. I can't log in through SSH to find out what's going on because I'm banned. I manage my own machines at the moment, so no I can't really contact my host.

View 14 Replies View Related

New Server Has Banned IP Addresses

Jul 8, 2008

My story starts with my getting burned by fumiNET (the first *grrr*)...

Burstnet reactivates my server (for an additional payment of course). The server seems fine but I thought that I might do better with a BurstNET reseller (better service). So...

I sign up with a reseller, and since I got my new server I've been plagued with email bounces, rejections, etc. Seems that my server (via the reseller) was supplied with a bunch of banned IPs (in other words, crap IPs). (the second *grrrr*)

I've reported to the providers abuse department, but was told that I have to handle this. (third *grrrr* - or is it just continued from the second?)

I've had it. I'm ready to fold up shop. As it is the sites keep me busy - but then...

- I get screwed by fumiNET (losing a big chunk of money)
- the hassle of trying to get my fumiNET server back up (thanks BurstNET)
- transferring to the reseller for better service, and finding out that perhaps BurstNET service was better than the reseller's

I'm open if anyone has suggestions. Some that I've come up with myself...

- finding yet another server provider (recommendations welcome)
- drinking large quantities of Guinness (worth it regardless)
- pulling the plug on the server and getting shared hosting to hold some minimal content
- forgetting the whole damn thing and getting a job as a [pick one]: store clerk, street cleaner, used car salesman

View 1 Replies View Related

Yahoo Banned My Mail Server

Apr 14, 2008

I run an small social netwroking web site.

I just checked and it looks like yahoo dont accept emails from my server.

so is there any way i send those bulk emails to those users or my web site from another mail service prodider so that delivery guaranted?

informing my users who has yahoo mail account about updates etc..

i have dedicated server and cpanel.

View 3 Replies View Related

What To Do If Server Is On A Blacklist?

Nov 25, 2008

What do you do if your server is on a blacklist?

This just happened to my server about a week ago. Folks complaining they cannot get their signup emails etc, me not getting server notifications etc etc. Sure enough, showing up on a blacklist, one that checks the /24 block. So I am penalized for somebody else in block spamming.

I tried to setup godaddy email on the server, it works but not for internal emails FROM server (ie using php script to notify somebody or me). I added the mx records to the WHM and it does not work, I tried to add site to /etc/remotedomains and remove from the remotedomains but that does not work.

somebody mentioned using pears SMTP mail method, but then would have to change all the code, ugh.
how can I change the main servers relay so ALLLLL email will be relayed through the godaddy servers instead of the default it is using. i am running Exim.

View 7 Replies View Related

My Server IP Is On Blacklist

May 11, 2007

When I tried the Spam DataBase Lookup on dnsstuff.com I saw in results something that:

[url]

How can I fix this issue?

My server wasn't hacked. I check logs every day and I didn't say nothing disturbing.

View 4 Replies View Related

How To Get My Server From Re-appearing On Blacklist

May 17, 2008

I can only assume that I have a virus or adware on my server but Acunett says that there is nothing. I double checked all of my email sending php scripts and all of them are secure and not sending any spam. However in my mail queue in WHM I see spam emails and my server's IP keeps getting relisted on the blacklist located at:

[url]

AM I THE ONLY PERSON IN THE WORLD WITH THIS PROBLEM? This is getting frustrating I have probably spent over 200 hours trying to get this resolved but it seems like no one knows what to do. This is hurting my business since I have tons of emails stacked in my queue and being blocked by email providers due to that blacklist. I remove my server's IP successfully and the next day it is blacklisted again. If anything how can I check my linux server for viruses?

View 6 Replies View Related

How To Congifure Your Server To Prevent From Getting On Mail Providers Blacklist?

Dec 2, 2008

What scripts/tools or configurations on a CPanel/WHM (Centos) server can you make to prevent spam from getting sent out by "clients" you may be hosting or just spam in general.

As, in the hosting industry, you are always going to have a client or two successfully send out spam, as some spam may not look like spam, but if you do not follow all the guildlines, I know regular newsletters can be consider spam.

View 5 Replies View Related

Plesk 12.x / Linux :: Is Blacklist Server Wide Mail Settings Working

May 18, 2015

I set multiple mail servers (eg media-26.com) in the black list of server-wide mail settings but i still get spams from these mail servers..does it work properly?

View 8 Replies View Related

Banned My Own IP

Dec 15, 2007

You can see my servers information at the bottom.

If in this post there is security information I have reveiled I hope you will tell me

After a couple of hours where someone tried to login to root and Directadmin using ssh, i closed ssh and made some minor changes to the security.

I turned on the automatic add ip if login failed 3 times, in DirectAdmin.

I dont know why I was banned cause I DID NOT use wrong login???

My other users of the server also got banned, and they say they did not use wrong pass either?

SO how do I unban me so I can acces DirectAdmin again?

And as if that was not enough, because Im soooo good at this...
while I was at it I stopped SSL cause I got following error and I dont really need it, I think
-------------------------STARThttpd_error_log
[Sat Dec 15 03:38:22 2007] [error] server reached MaxClients setting, consider raising the MaxClients setting
[Sat Dec 15 03:58:32 2007] [notice] caught SIGTERM, shutting down
[Sat Dec 15 03:58:34 2007] [warn] RSA server certificate CommonName (CN) `localhost' does NOT match server name!?
[Sat Dec 15 03:58:34 2007] [warn] RSA server certificate CommonName (CN) `localhost' does NOT match server name!?
[Sat Dec 15 03:58:34 2007] [warn] Init: SSL server IP/port conflict: www.belove.updownloading.com:443 (/usr/local/directadmin/data/users/belove/httpd.conf:48) vs. www.tokyolondon.net:443 (/usr/local/directadmin/data/users/tokyo/httpd.conf:48)
[Sat Dec 15 03:58:34 2007] [warn] Init: SSL server IP/port conflict: www.fusion-planet.updownloading.com:443 (/usr/local/directadmin/data/users/iceangel89/httpd.conf:48) vs. www.tokyolondon.net:443 (/usr/local/directadmin/data/users/tokyo/httpd.conf:48)
[Sat Dec 15 03:58:34 2007] [warn] Init: SSL server IP/port conflict: www.nicheserver.com:443 (/usr/local/directadmin/data/users/nicsad/httpd.conf:48) vs. www.tokyolondon.net:443 (/usr/local/directadmin/data/users/tokyo/httpd.conf:48)
[Sat Dec 15 03:58:34 2007] [warn] Init: SSL server IP/port conflict: localhost:443 (/etc/httpd/conf/extra/httpd-vhosts.conf:38) vs. www.tokyolondon.net:443 (/usr/local/directadmin/data/users/tokyo/httpd.conf:48)
[Sat Dec 15 03:58:34 2007] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!
[Sat Dec 15 03:58:34 2007] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sat Dec 15 03:58:34 2007] [warn] module php5_module is already loaded, skipping
[Sat Dec 15 03:58:35 2007] [warn] RSA server certificate CommonName (CN) `localhost' does NOT match server name!?
[Sat Dec 15 03:58:35 2007] [warn] RSA server certificate CommonName (CN) `localhost' does NOT match server name!?
[Sat Dec 15 03:58:35 2007] [warn] Init: SSL server IP/port conflict: www.belove.updownloading.com:443 (/usr/local/directadmin/data/users/belove/httpd.conf:48) vs. www.tokyolondon.net:443 (/usr/local/directadmin/data/users/tokyo/httpd.conf:48)
[Sat Dec 15 03:58:35 2007] [warn] Init: SSL server IP/port conflict: www.fusion-planet.updownloading.com:443 (/usr/local/directadmin/data/users/iceangel89/httpd.conf:48) vs. www.tokyolondon.net:443 (/usr/local/directadmin/data/users/tokyo/httpd.conf:48)
[Sat Dec 15 03:58:35 2007] [warn] Init: SSL server IP/port conflict: www.nicheserver.com:443 (/usr/local/directadmin/data/users/nicsad/httpd.conf:48) vs. www.tokyolondon.net:443 (/usr/local/directadmin/data/users/tokyo/httpd.conf:48)
[Sat Dec 15 03:58:35 2007] [warn] Init: SSL server IP/port conflict: localhost:443 (/etc/httpd/conf/extra/httpd-vhosts.conf:38) vs. www.tokyolondon.net:443 (/usr/local/directadmin/data/users/tokyo/httpd.conf:48)
[Sat Dec 15 03:58:35 2007] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!
[Sat Dec 15 03:58:35 2007] [notice] Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8b DAV/2 PHP/5.2.4 configured -- resuming normal operations
[Sat Dec 15 03:58:48 2007] [error] [client ::1] File does not exist: /var/www/html/400.shtml
[Sat Dec 15 03:58:49 2007] [error] [client ::1] File does not exist: /var/www/html/400.shtml
[Sat Dec 15 03:59:10 2007] [error] [client ::1] File does not exist: /var/www/html/400.shtml
[Sat Dec 15 03:59:11 2007] [error] [client ::1] File does not exist: /var/www/html/400.shtml
[Sat Dec 15 03:59:12 2007] [error] [client ::1] File does not exist: /var/www/html/400.shtml
-------------------------END httpd_error_log

I have also posted this on DirectAdmin's forum, but because Im really nervous and dont know when they will answer I posted here too, cause this forum is used more

Server configuration
Linux CentOS5 DirectAdmin
Processor Name Intel(R) Xeon(R) CPU 3050 @ 2.13GHz
Vendor ID GenuineIntel
Processor Speed (MHz) 2133.507
Processor Name Intel(R) Xeon(R) CPU 3050 @ 2.13GHz
Vendor ID GenuineIntel
Processor Speed (MHz) 2133.507
Total Memory 2075520 kB
Free Memory 57004 kB - (Every time I cant access the websites, it is this low, then when I can access the websites again its
around 500mb)
Total Swap Memory 4192956 kB
Free Swap Memory 4192888 kB
Apache 2.2.6 Running
DirectAdmin 1.31.0 Running
Exim 4.67 Running
MySQL 5.0.45 Running
Named 9.3.3rc2 Running
ProFTPd 1.3.1 Running
sshd *** Stopped *** (I stopped it because my websites dont need it, in logs I could see that some sites, I dont know, were trying to acces it?)
vm-Pop3d 1.1.7f-DA-2 Running

View 11 Replies View Related

APF Accidentally Banned Someone

Mar 11, 2008

I've an interesting issue here. A client of mine was apparently banned from one of my servers and the problem has been narrowed down to the APF. What's odd is that he's not listed on /etc/apf/deny_hosts.rules file, nor is his IP blocked by iptables.

But, as soon as the APF is enabled he can't access anything on the server! This is very random, I've been using APF for just over a year now and I've never had a problem like this. But who's to say it's not happening to others as well?

View 5 Replies View Related

APF Can't Block Banned One Of The IP

Nov 30, 2007

Since some days I have a problem with apf: It can't BAN one of the Ip from file deny_hosts.rules. Other IP's are correctly banned. Of course in apf log are:

apf(28474): {trust} deny all to/from 88.84.141.233

but this ip still have access to my server and scan my ports. I have this problem after editing internals/rab.ports (I added some ports to RAB_PSCAN_LEVEL_2). I don't know how can I fix this problem.

Topic should have title: APF can't block one of the banned IP.

View 4 Replies View Related

SoftLayer Banned Me! What Is The Reason

Apr 25, 2009

I took server from Soft Layer

After four month they banned my account, When I talked to them they said we banned your account for tow days because we Suspicion about you and I waited them for tow days but nothing new, after that I sent all my evidences to them, the passport picture, driver's license, ID's card and Visa Card picture from front and back.

NOW!

I don't know the reason for banned my account, why they banned me?

View 14 Replies View Related

Remove Banned IP Addresses

May 19, 2008

How can make a cronjob for remove banned ip with CSF every 15min?

View 4 Replies View Related

IP Addresses Banned On Thu Sep 13 16:32:01 SGT 2007

Sep 13, 2007

Have been receiving the following warnings for more than a day. Does BFD auto execute a permanent ban or do I have to do it myself? If so, how? Also, I did a whois, found out the service provider, and sent an email regarding abuse. I have yet to receive a reply.

I was wondering since its a HK IP, do I have to send the message in chinese? Would anyone be kind enough to do so?

Quote:

Banned the following ip addresses on Thu Sep 13 16:32:01 SGT 2007

203.186.163.31 with 308 connections

View 6 Replies View Related

Hosting That Is Not Banned By Google PR Datacenter

Dec 19, 2005

I have found a host already ...

View 3 Replies View Related

Setting Up APF To Display A Error Page For Banned IPs

Sep 30, 2007

when you add a banned ip to APF it doesnt show anything when the user visits the site, just a blank page. is there anyway to set up a page such as "You IP Address has been banned,

View 4 Replies View Related

Plesk 12.x / Linux :: Helo Strings - IP Banned

Jul 13, 2015

I formatted my server and installed CENTOS 7 and PLESK 12. I have problems with cbl.abuseat.org. My ip enters in blacklist. I sent email to the support of abuseat.org and abuseat reply:

Please fix your HELO strings.

I check the my configuration and I think is correct:

- Reverse lookup is ok
- Hostname is ok (server.domain.tld)

But I have the file in /etc/sysconfig/network empty. There is only written: # Created by anaconda

Also, is correct the my etc/hosts file?

127.0.0.1 server.domain.tld server localhost4 localhost4.localdomain4
:: 1 server.domain.tld server localhost6 localhost6.localdomain6

View 12 Replies View Related

RCN Blacklist

Mar 24, 2007

I had a short-lived episode where one of my customers was spamming. I was able to shut it down quickly, but not quick enough to avoid getting SMTP blacklisted by RCN. The response from their mail servers is:

SMTP error from remote mail server after initial connection:
host mx.lnh.mail.rcn.net [207.172.157.50]: 554 mx05.lnh.mail.rcn.net

No information there on what blacklist system they use, or how to get de-listed. Nothing that I can find on RCN's web site. Mail to postmaster is ignored. Mail to support is ignored. Can't get past 1st-level support over the phone. I'm stuck. Blacklisted and can't get off.

Anyone dealt with this with RCN before?

View 4 Replies View Related

ISP Mailserver Blacklist

May 8, 2009

I have an issue with o2 - some of their mailservers have blacklisted IPs and hence mail doesn't get delivered to recipients whose ISPs subscribe to the specific blacklists.

Questions:

1 If mail is not delivered, will I ALWAYS know about it?

I've had bounce notifications from one specific ISP, but I'm wondering whether in other cases the mail will just not get through and I'll not know about it.

2 I'm aware of problems with two specific o2 IPs:
82.132.130.151
82.132.130.169

View 3 Replies View Related

Blocked Using 88.blacklist.zap

May 25, 2009

I have exim mailserver (cpanel based),and when i send mails to some domains i have got the following error

550 Service unavailable; Client host [xxx.xxx.xxx.xxx] blocked using 88.blacklist.zap; Mail From IP Banned To request removal from this list please forward this message to delist@frontbridge.com

How can i solve this issue ? How can i avoid my IP from listing in 88.blacklist.zap?

View 1 Replies View Related

Fraud Blacklist

May 21, 2008

We've had a couple cases of fraud recently, and have blacklisted the IPs (which turned out to be proxy servers) of the perpetrators. It got me thinking... has anybody put together any kind of IP blacklist for fraudulent orders? Something like a DNSBL for spam, but focused on IPs that fraudsters use?

View 5 Replies View Related

Provider Blacklist

Jul 11, 2007

if there should be a "provider blacklist".

There are some companies whose reviews are mostly bad, and its not just one but many.

Some examples :

- SurfSpeedy
- BuyAVPS

It should steer new users from these companies as it will leave them negative impressions of an otherwise good sector of the hosting market.
Of course, these should be backed up by evidence.

View 14 Replies View Related

Spam/blacklist Verification

Apr 10, 2007

Can I ask what is the website where I can check if a server IP has been blacklisted?

View 2 Replies View Related

SkyNetHosting Firewall Keeps Blacklist Me And My Clients

Nov 3, 2009

I am a reseller for SkyNetHosting.Net for about 3 months now and yes we are new in hosting business. For this pass 2 months I'm having issues with my host server firewall. Every time I get myself blacklist I have to summit a ticket asking for my IP to be whitelist. Its fine with me but I don't think my clients are happy with this as we are getting almost 90% non-renewal rate..

They keep saying its my fault.. Ok, I can take that.. But how do I explain to my clients and most importantly my client's visitors??

Is there anything on the firewall settings that they should tweak to minimize this?

I never had any problem when I was at hostgator...

My user experience with you guys so far has been excellent, especially the support department and if I were to single out your tech support employee, it has to be Nathan. Thumbs up for his fast and reliable support.

However I have one major complain.. And that is your firewall issue as I keeps getting block/blacklist even for a mere moment of connecting to Luna Server for less than 10sec. Yes, you heard me.. just 10sec after i login to the internet and browse my sites there is a high possibility of my IP getting blacklist.

We're not a pure web hosting company, we received more web design projects where by they also host their website on our server. So you see, we maintain most of our clients website and regular FTP to multiple websites are required.

Here are the list of things I would do 1st thing when I login to internet, including my employee and my business partner. So if we multiply the below by 4 .. We will get blacklist for sure, most of the times!!

1. Login WHMCS
2. Login Livezilla Chat Support
3. Login webmail to check emails
4. FTP Updates on clients sites

I hope you guys can re-look into the firewall sensitivity settings where by it reduce or better still does not effect us business wise.

My Host reply to ticket

Hello,

I recommend to change ALL your FTP/cPanel passwords at once and if you are saving them on browser, FTP clients not to do it anymore. If possible try to login from a deferent clean laptop/PC and see if you get the same problem.

Kind Regards,
Jessica S.

---------------------------------------------
Hello,

Customers who save their FTP login credentials in FTP softwares like FileZilla, Cute-FTP, WS_FTP-Pro, Dreamweaver or Frontpage are prone to malicious scripts injections from their PC's using their legit cPanel login details via FTP and the owner of the domain/account were not even aware of it. Your login credentials are leaked to the hackers once a Trojan or Virus gets installed on your Windows Machine.

The easiest way to save your login credentials would be, to save them in a text document without saving the Domain name or Login Host information in the same document. To be absolutely sure your FTP account won’t get compromised, we highly recommend you choose a strong password which contains a combination of upper and lower case letters, numbers and special characters such as $?£;: while adding a new FTP login name from your cpanel control panel. If you manage multiple websites may not like this change, but losing your data and then losing your rankings in Search Engines will create more trouble.

Few reads about this:

http://www.lexiconn.com/blog/2009/08...he-rise-again/
http://www.sitepoint.com/forums/show....php?p=4380314
http://forums.majorgeeks.com/showthread.php?t=196915

Thank you for your time.

Best Regards,
SkyNetHosting.Net Inc.

Honestly I don't think this issue can be resolve on the user end as we are currently facing a monthly non-renewal rate of 90% from our clients. If this goes on we would end up losing our reputation and most importantly our business.

Yes, I can tell them the same message that your tech support replied to me. But my clients do not understand and they would rather find a host that are less complicated "firewall sensitive". Is there somehow you can recalibrate the firewall sensitivity, so we all can have our peace?

My client on chat support

Hi Chester.

My Cpanel username is 'justin'.

This is with regards to my problem with the IP whitelist.

I need a no-nonsense answer.

I have visitors from the US complaining that they cannot view my site.

I cannot possibly be whitelisting everyone.

So, is it possible to tweak the filtering/firewall settings?

If it is not possible, I would like to exercise my money-back guarantee and close my account.

I would like a day to download my files and databases if that is possible.

I can pay a pro-rated amount.

View 0 Replies View Related

Httpd.conf + IP-based Blacklist

Jan 19, 2008

I'd like to keep an IP blacklist, and have Apache enforce it. Because I want it to apply server-wide, I want to use it in httpd.conf, not .htaccess.

Rather than constantly editing httpd.conf by hand, I'd like to keep a file of IPs, and have Apache read that file and use it as the argument for a "deny from..." directive. Try as I might, I cannot find any documentation, nor any examples, of this usage. Is this something that's possible?

(It turns out that Apache doesn't honor /etc/hosts.deny, hence this question.)

View 8 Replies View Related

Starting Known Blacklist Thread Hopefully People Can Keep It Going

Dec 16, 2008

As of 12-15-08 our spam system has learned and blocked these addresses. Check attachment for your records help stop spam at the source.

View 9 Replies View Related

Realtime DNS Blacklist Fed By Reporting Admins

Jan 26, 2007

Wondering if anyone knows of an email DNSBL that are have a real time reporting tool which directly feeds the DNSBL?

I have been using Spamcop for reporting in hopes I might be able to get some IP's listed. However so far I have not seen any IP's listed until many hours or days after they are reported (possibly going through a validation process?).

Wondering if anyone knows a more pro-active DNSBL that is fed directly by reporting and administrators?

View 2 Replies View Related

Domain Flagged For Malware; How To Correct Blacklist

Apr 29, 2009

A Wordpress install on one of my domains was compromised a few months ago, and there was a 4-hour window in which the site contained an iframe injection that lead to a malware site.

The problem was corrected, and Google stopped flagging the site as malicious within a few hours after the fix. However, every once in a while I still hear of people having problems accessing the site, all of them I think from within large corporate networks.

Are there a few common list providers that these corporate networks are likely to be subscribing to? Is there a way I can submit the domain for reevaluation? If not, how long would you think a domain would have to be clean in order to repair its reputation on these lists?

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved