Sysadmin Can not login ssh and ping when csf enable

CSF Firewall whitelists common ports needed for ssh, sftp, rsync or file transfers from remote servers. If you disable CSF Firewall, those ports maybe blocked and not whitelisted. Centmin Mod LEMP stack installs CSF Firewall out of the box, so to be able to remotely connect to external servers, you need to whitelist and allow the remote IP address see the info below:

• Getting Started Guide step 4
• centminmod.com/csf_firewall.html
• CSF - CSF Firewall info

That should allow file transfer from remote servers to your Centmin Mod server.

Are you using the pure-ftpd ftp user account to transfer files ? See FAQ items 40 & 41 for details and clues.

 

More for troubleshooting

CSF firewall related CSF - CSF Firewall info

more info might be helpful

1. What version of Centmin Mod ? .08 stable or .09 beta ? If .09 beta when was it installed and when was last time you updated the code ?
2. What's your VPS/Server hardware specifications ? Xen/KVM/OpenVZ ? cpu type ? memory available ? disk space ? OS and version ? i.e. CentOS 6.7 or 7.2 ?
3. Who's your web host ?
4. Your ISP ip address static/dynamic ?
5. What were you doing connection wise to your server leading up to the blockage ?
6. If you're on dynamic ip, you may need additional steps CSF Firewall as per Getting Started Guide step 4
7. Other steps: Does your web host offer out of band VNC/KVM/IPMI Console access? If you can, check if you ips are blocked using csf -g grep command
   
   Code:

   csf -g YOURIPADDRESS

   commands you can see for csf via
   
   Code:

   csf -h

   whitelist your ISP range of ips if you know the range
   
   Code:

   csf -a IPADDRESSORRANGE

   remove temp and permanent blocks from csf
   
   Code:

   csf -tr IPADDRESS
   csf -dr IPADDRESS

   also check CSF /var/log/lfd.log for clues
   
   Code:

   tail -50 /var/log/lfd.log

   another log is /var/log/messages you can grep it for your ips
   
   Code:

   grep IPADDRESS /var/log/messages

   and your /var/log/secure
   
   Code:

   tail -20 /var/log/secure

Do you have a VPN connection you can use ? Try using that to SSH into your server. If you have VPN like private one with dedicated IP, you can also whitelist that VPN IP in CSF Firewall. That's what i usually do so have multiple avenues to connect to server via SSH.

If you use DigitalOcean or solusVM based web host VPS they have consoles you can use to connect to your server out of band so you can access your server SSH and unblock yourself from CSF Firewall if needed. Once SSH'd in via console, check if your ISP IP has been blocked by

grepping csf firewall ips

Code (Text):

csf -g ISPIPADDRRESS

if blocked remove your ISP IP address from /etc/csf/csf.deny and restart CSF Firewall
or via command

Code (Text):

csf -dr ISPIPADDRESS

• DigitalOcean Console How To Use the DigitalOcean Console to Access your Droplet | DigitalOcean
• Linode Lish Using the Linode Shell (Lish)
• SolusVM Console Namecheap.com Knowledgebase • How to manage your VPS with SolusVM
  (VPS)

 

yes ok as long it's done as outlined at Pure-FTPD Virtual FTP Users - CentminMod.com LEMP Nginx web stack for CentOS

your local system java security settings probably blocking you

• https://knowledgelayer.softlayer.com/faq/why-cant-i-connect-kvm-console
• Java Warning when launching IPMI KVM console

as to dynamic ip visit https://www.iplocation.net/ and it will tell you or type in google search "ip check"