PDA

View Full Version : sites no longer resolving


jcombs_31
23rd April 2009, 23:09
All of a sudden I've noticed a couple sites that I have set up in ispconfig3 are no longer resolving. My main domain that I used to set up is resolving, but none of the other sites. To be honest, I'm not quite sure where to look for the appropriate logs. I don't see anything referencing mydns in /var/log

The strange thing is, the domains resolve when I check from the VPS, but don't resolve checking from home or anywhere else.

till
24th April 2009, 10:58
Then you should check if the correct nameservers are set at the domain registry.

jcombs_31
24th April 2009, 13:44
They are, these sites have been running fine for a few months now. All of a sudden I can't resolve them. Stranger yet, I had someone in another location check and they were able to resolve the domains. All of a sudden I'm also blocked out of ssh. My control panel is still running and my other sites are too, I just checked from work and I can see them and resolve them.

Its like my home computer(IP) has been blacklisted.

falko
24th April 2009, 15:45
Are you using fail2ban, Blockhosts or DenyHosts on the server? If you have made too many failed login attempts, then you probably got blocked by these tools.

jcombs_31
24th April 2009, 15:51
Are you using fail2ban, Blockhosts or DenyHosts on the server? If you have made too many failed login attempts, then you probably got blocked by these tools.

Yes, but I don't recall ever failing a login attempt. The million dollar question is, if that is the case, how does one regain access to a remote system that has blocked you?

I'm working with the host support, they said they cleared /etc/hosts.deny, but I'm still getting a refused connection.

jcombs_31
24th April 2009, 16:19
The support told me they cleared the hosts.deny, but clearly they did not. I had someone login for me and clear out my IP address. What scares me though is why this happened to begin with. I had both fail2ban and denyhosts installed, should I only use 1 or the other?

jcombs_31
24th April 2009, 21:50
I'm still unable to resolve from my home IP address. I can login to the control panel but can't resolve my other sites. They resolved fine from work and I've had a few other people check with no problems.

Is there any other setting that could block access to DNS for this IP?

edit: looks like might have been my router or atts dns. I added another entry and was able to resolve.

falko
25th April 2009, 11:48
I had both fail2ban and denyhosts installed, should I only use 1 or the other?Yes, just use one.
If you're using fail2ban, you're probably being blocked by iptables, not /etc/hosts.deny.

http://debianclusters.cs.uni.edu/index.php/Fail2Ban:_Preventing_Brute_Force_SSH

jcombs_31
25th April 2009, 20:36
No, it was definitely in hosts.deny. Do you have a recommendation on which to use?

falko
26th April 2009, 13:27
Denyhosts can just secure SSH, while fail2ban can protect also other services. If you just want to protect SSH, then it doesn't matter which one you use - they both do the same great job. :)