Want more timely Centmin Mod News Updates?
Become a Member

CSF Csf block Invision license URL?

Discussion in 'Other Centmin Mod Installed software' started by pamamolf, Jun 7, 2019.

  1. pamamolf

    pamamolf Premium Member Premium Member

    3,304
    318
    83
    May 31, 2014
    Ratings:
    +588
    Local Time:
    3:31 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    Hello

    Today at one of my server i got a warning about my License for invision and after checking the server seems that i snot able to contact the Invision license url:

    Code:
    remoteservices.invisionpower.com
    Code:
    ping remoteservices.invisionpower.com
    PING remoteservices.invisionpower.com (13.32.215.143) 56(84) bytes of data.
    From server.mydomain.com (123.456.789.000) icmp_seq=1 Destination Port Unreachable
    ping: sendmsg: Operation not permitted
    That started 2 hours ago and from there support all seems ok from there end....

    I didn't adjust anything on the server from my end and i clear also some deny ip's from csf and restart it.

    But nothing i can't ping it :(

    Any ideas?

    Thank you
     
  2. eva2000

    eva2000 Administrator Staff Member

    40,276
    8,926
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,746
    Local Time:
    10:31 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    did you do any country level or ISP ASN level blocking in CSF Firewall ? check that the country block didn't block invisionpower.com's IP geo location determined country or grep CSF Firewall logs for the their IP and see
    Code (Text):
    csf -g 13.32.215.143
     
  3. pamamolf

    pamamolf Premium Member Premium Member

    3,304
    318
    83
    May 31, 2014
    Ratings:
    +588
    Local Time:
    3:31 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    No country bans !
    Whitelisting the ip maybe will not help as the ip changes as they use Cloudfront and the ip is dynamic....

    When i close the firewall it works !

    Don't know :(

    Code:
    csf -g 13.32.215.143
    
    Table  Chain            num   pkts bytes target     prot opt in     out     source               destination       
    
    filter DENYIN           4       53 29674 DROP       all  --  !lo    *       13.32.215.143        0.0.0.0/0
    
    filter DENYOUT          4     3140  191K LOGDROPOUT  all  --  *      !lo     0.0.0.0/0            13.32.215.143
    
    IPSET: No matches found for 13.32.215.143
    
    Temporary Blocks: IP:13.32.215.143 Port: Dir:inout TTL:86400 (lfd - (CT) IP 13.32.215.143 (US/United States/server-13-32-215-143.cdg54.r.cloudfront.net) found to have 104 connections)
    Temporary Blocked ?

    Where is this so i can clear it?
     
    Last edited: Jun 7, 2019
  4. pamamolf

    pamamolf Premium Member Premium Member

    3,304
    318
    83
    May 31, 2014
    Ratings:
    +588
    Local Time:
    3:31 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    Code:
    csf -tf
    Problem solved :)

    Is it a good idea to add Cloudfront ip adresses as we do with Cloudflare at whitelist on csf ?

    Thanks
     
  5. pamamolf

    pamamolf Premium Member Premium Member

    3,304
    318
    83
    May 31, 2014
    Ratings:
    +588
    Local Time:
    3:31 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    Today i got the same issue again with some Cloudfront ip's temporarly banned for checking the Invision license.

    @eva2000

    Do you think that it will be a good idea to add them to csf as you did with Cloudflare?

    Can you do that please?

    Thank you
     
  6. pamamolf

    pamamolf Premium Member Premium Member

    3,304
    318
    83
    May 31, 2014
    Ratings:
    +588
    Local Time:
    3:31 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    The issue seems to be from there end....:

    But it may be good to have that ip's whitelisted or as a script for anyone will need that?
     
  7. eva2000

    eva2000 Administrator Staff Member

    40,276
    8,926
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,746
    Local Time:
    10:31 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Amazon Cloudfront's IP range is huge so whitelisting such probably not a good idea as alot of folks use Amazon IPs due to their AWS services.
     
    • Agree Agree x 1
..