LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   ConfigServer Firewall problem - website not accessable from other places (http://www.linuxquestions.org/questions/linux-security-4/configserver-firewall-problem-website-not-accessable-from-other-places-4175443541/)

sohailkmu 12-31-2012 12:51 AM

ConfigServer Firewall problem - website not accessable from other places
 
Dear All,

We have our website hosted at virtual private server with a web hosting provider.

ConfigServer Firewall was disabled on it. I just enabled it but the problem is that it can only be accessed in places whose static ip are mentioned in firewall allow file.

We want our site to be accessed from all over the world with firewall enabled.

Kindly help urgently,

Thanks

Chidokato 01-01-2013 05:35 AM

Config your firewall again, delete ip restriction or set allow from all.

sohailkmu 11-01-2013 10:24 PM

Quote:

Originally Posted by Chidokato (Post 4860565)
Config your firewall again, delete ip restriction or set allow from all.

When I set 0.0.0.0/0 in csf.allow.

then it allows every ip. Can u please tell me how to delete ip restriction.

Thanks

unSpawn 11-02-2013 01:06 PM

Since the product information page claims their product is
Quote:

comprehensive, straight-forward, easy and flexible to configure
you probably should invest time reading the documentation first. That's no guarantee because the part leading up to that line reads
Quote:

We have developed an SPI iptables firewall
which basically is marketoid language to disguise the fact it's nothing more than a (hyped up overrated) front-end. Now if you would choose to use the default iptables interface Linux comes with for firewalling it would be easier to help you...

sohailkmu 11-07-2013 10:56 AM

Quote:

Originally Posted by unSpawn (Post 5057207)
Since the product information page claims their product is you probably should invest time reading the documentation first. That's no guarantee because the part leading up to that line reads which basically is marketoid language to disguise the fact it's nothing more than a (hyped up overrated) front-end. Now if you would choose to use the default iptables interface Linux comes with for firewalling it would be easier to help you...



Kindly help me.It blocks an IP but then it says that ip match in csf.allow may not block permanently.

sohailkmu 11-11-2013 10:53 PM

Quote:

Originally Posted by sohailkmu (Post 5060119)
Kindly help me.It blocks an IP but then it says that ip match in csf.allow may not block permanently.

Please give your expert opinion.

I am pasting some information. Kindly help me to stop this menace.

1Vg56Q-0003Uk-HK-H
root 0 0
<root@server.xxxxxxx>
1384228642 0
-ident root
-received_protocol local
-body_linecount 11
-max_received_linelength 155
-allow_unqualified_recipient
-allow_unqualified_sender
-deliver_firsttime
XX
1
root@xxxxxxxxxx

190P Received: from root by server.xxxxxx with local (Exim 4.80.1)
(envelope-from <root@xxxxxx>)
id 1Vg56Q-0003Uk-HK
for root@server.xxxxxx; Tue, 12 Nov 2013 08:57:24 +0500
011* From: root
009* To: root
027T To: root@server.xxxxxx
069 Subject: lfd on server.xxxxx: blocked 115.47.26.67 (CN/China/-)
032F From: <root@server.xxxxxx>
050I Message-Id: <E1Vg56Q-0003Uk-HK@server.xxxxxx>
038 Date: Tue, 12 Nov 2013 08:57:22 +0500

Data spool file

1Vg56Q-0003Uk-HK-D
Time: Tue Nov 12 08:57:17 2013 +0500
IP: 115.47.26.67 (CN/China/-)
Failures: 5 (smtpauth)
Interval: 3600 seconds
Blocked: Permanent Block (IP match in csf.allow, block may not work)

Log entries:

2013-11-12 08:16:10 fixed_login authenticator failed for (21cn.com) [115.47.26.67]:4649: 535 Incorrect authentication data (set_id=info@xxxxx)
2013-11-12 08:30:23 fixed_login authenticator failed for (gw.com.cn) [115.47.26.67]:1516: 535 Incorrect authentication data (set_id=info@xxxxx)
2013-11-12 08:44:08 fixed_login authenticator failed for (zhaodaola.com.cn) [115.47.26.67]:3111: 535 Incorrect authentication data (set_id=info@xxxxx)
2013-11-12 08:44:54 fixed_login authenticator failed for (kotis.net) [115.47.26.67]:3766: 535 Incorrect authentication data (set_id=info@xxxxx)
2013-11-12 08:57:05 fixed_login authenticator failed for (tsinghua.edu.cn) [115.47.26.67]:3942: 535 Incorrect authentication data (set_id=info@xxxxxx)

unSpawn 11-13-2013 01:44 AM

It seems you lack working knowledge of CSF:
Quote:

Originally Posted by sohailkmu (Post 5062925)
Code:

Blocked:  Permanent Block (IP match in csf.allow, block may not work)

plus now there's two threads on the same subject so I'm closing this one. Please continue here: https://www.linuxquestions.org/quest...2/#post5063538 .


All times are GMT -5. The time now is 05:46 PM.