Please advise why I get this error? Couldn't access ftp and my server ip as well.
CSF firewall related CSF - CSF Firewall info | Centmin Mod Community and CSF Firewall - Centmin Mod - Menu based Nginx installer for CentOS servers more info might be helpful What version of Centmin Mod ? .07 stable or .08 beta ? If .08 beta when was it installed and when was last time you updated the .08 beta code (there's constant updates to the code). What's your VPS/Server hardware specifications ? Xen/KVM/OpenVZ ? cpu type ? memory available ? disk space ? OS and version ? i.e. CentOS 6.6 or 7.1 ? Who's your web host ? Your ISP ip address static/dynamic ? What were you doing connection wise to your server leading up to the blockage ?
If you're on dynamic ip, you may need additional steps CSF Firewall as per Getting Started Guide step 4
1. .07 stable 2. 1GB RAM - 30GB SSD (where can I see that info?) OS CentOS 6.6 3.DigitalOcean 4.Dynamic 5.I'm connected on FTP, and putty.. browsing directory, then suddenly it stops.
Can you access SSH via DigitalOcean VNC Console ? If you can, check if you ips are blocked using csf -g grep command Code: csf -g YOURIPADDRESS commands you can see for csf via Code: csf -h whitelist your ISP range of ips if you know the range Code: csf -a IPADDRESSORRANGE remove temp and permanent blocks from csf Code: csf -tr IPADDRESS csf -dr IPADDRESS also check CSF /var/log/lfd.log for clues Code: tail -50 /var/log/lfd.log If you're on dynamic ip, you may need additional steps CSF Firewall as per Getting Started Guide step 4
very active firewall , why was block triggered? I switched to static, and whitelisted my dynamic, dunno the range but using commands above says no matches records on my last acquired dynamic ip.
yeah you'd need to investigate further with the logs and csf/lfd logs another log is /var/log/messages you can grep it for your ips Code: grep IPADDRESS /var/log/messages
Code: Jun 4 11:52:31 fast lfd[22807]: (sshd) Failed SSH login from 117.xxx.42.246 (IN /India/-): 5 in the last 3600 secs - *Blocked in csf* [LF_SSHD] Jun 4 12:04:11 fast lfd[22725]: (sshd) Failed SSH login from 61.xx.220.124 (KR/ Korea, Republic of/-): 5 in the last 3600 secs - *Blocked in csf* [LF_SSHD] see result after firing above command please advise? thanks
that's normal CSF lfd blocks failed SSH log in attempts after so many attempts.. unless those ips are you ip address then you don't need to worry about that
Code: 10:58:10 fast lfd[3426]: 90.xxx.xxx.247 (RU/Russian Federation/247.122-157-90.telenet.ru), 5 distributed sshd attacks on account [admin] in the last 3600 secs - *Blocked in csf* [LF_DISTATTACK] see above for reference..