HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


emanation 15th September 2011 17:13

ISPConfig is not available a few hours after the server has been rebooted

So, I have CentOS 6 and everything works great.
But after a few hours, sometimes 1 day, ISPConfig is not available anymore, though all other services are working great. I get a "Server doesn't respond" message in the browser. In fact I use a non-standard port for ISPConfig. It's not 8080. And I use SSL connections only.
After rebooting the server ISPConfig is available without any problem.
Is there any critical service which could stop by itself and which ISPConfig depends on to work? And what should I check when ISPConfig doesn't open?
Thanks.

till 15th September 2011 17:36

ISPConfig itself is not a service, so it cannot be stopped or started. The ISPConfig interface is available through Apache, so when you are unable to reach the ISPConfig web interface, then there is a problem with the Apache webserver. You should check if Apache is started and if there are any errors in the Apache error.log file.

emanation 16th September 2011 07:20

Hello.
I explained it wrong. I could check whether Apache is down or running.
But when ISPConfig is not opening, other sites are working. So, the Apache service is working. But for some reason it doesn't process requests on the ISPConfig port but handles port 80 requests.
That is strange.

falko 16th September 2011 10:43

Did you check Apache's error log?

Do you use something like fail2ban that could have locked you out?

Did you check your client PC's firewall, whether it prevents access to port 8080?

emanation 16th September 2011 11:46

Quote:

Do you use something like fail2ban that could have locked you out?
You are right. It's fail2ban. This service is running. After stopping it and running the command 'iptables --flush', ISPConfig opens again.
In addition, fail2ban blocks exactly the port, and not only my IP or a certain IP, because ISPConfig is not available from any host when blocked.

For now I have excluded fail2ban from autostart.
But what do you suggest? Is it possible to have fail2ban running and ISPConfig working?

Thanks.

falko 17th September 2011 11:09

Can you post your fail2ban configuration?

Is it possible you had multiple failed login tries on another service on your server (like POP3, SMTP, etc.)? That might be the reason why fail2ban blocked you.

emanation 18th September 2011 19:07

It's standard, I have not changed it. Now it contains (commented lines are excluded):
Code:

[Definition]
loglevel = 3
logtarget = SYSLOG
socket = /var/run/fail2ban/fail2ban.sock

There is also a jail.conf file. I also removed all commented lines.
Code:

[DEFAULT]
ignoreip = 127.0.0.1
bantime  = 600
findtime  = 600
maxretry = 3
backend = auto

[ssh-iptables]
enabled  = true
filter  = sshd
action  = iptables[name=SSH, port=ssh, protocol=tcp]
          sendmail-whois[name=SSH, dest=root, sender=fail2ban@mail.com]
logpath  = /var/log/secure
maxretry = 5

[proftpd-iptables]
enabled  = false
filter  = proftpd
action  = iptables[name=ProFTPD, port=ftp, protocol=tcp]
          sendmail-whois[name=ProFTPD, dest=you@mail.com]
logpath  = /var/log/proftpd/proftpd.log
maxretry = 6

[sasl-iptables]
enabled  = false
filter  = sasl
backend  = polling
action  = iptables[name=sasl, port=smtp, protocol=tcp]
          sendmail-whois[name=sasl, dest=you@mail.com]
logpath  = /var/log/mail.log

[ssh-tcpwrapper]
enabled    = false
filter      = sshd
action      = hostsdeny
              sendmail-whois[name=SSH, dest=you@mail.com]
ignoreregex = for myuser from
logpath    = /var/log/sshd.log

[apache-tcpwrapper]
enabled  = false
filter  = apache-auth
action  = hostsdeny
logpath  = /var/log/apache*/*error.log
          /home/www/myhomepage/error.log
maxretry = 6

[postfix-tcpwrapper]
enabled  = false
filter  = postfix
action  = hostsdeny[file=/not/a/standard/path/hosts.deny]
          sendmail[name=Postfix, dest=you@mail.com]
logpath  = /var/log/postfix.log
bantime  = 300

[vsftpd-notification]
enabled  = false
filter  = vsftpd
action  = sendmail-whois[name=VSFTPD, dest=you@mail.com]
logpath  = /var/log/vsftpd.log
maxretry = 5
bantime  = 1800

[vsftpd-iptables]
enabled  = false
filter  = vsftpd
action  = iptables[name=VSFTPD, port=ftp, protocol=tcp]
          sendmail-whois[name=VSFTPD, dest=you@mail.com]
logpath  = /var/log/vsftpd.log
maxretry = 5
bantime  = 1800

[apache-badbots]
enabled  = false
filter  = apache-badbots
action  = iptables-multiport[name=BadBots, port="http,https"]
          sendmail-buffered[name=BadBots, lines=5, dest=you@mail.com]
logpath  = /var/www/*/logs/access_log
bantime  = 172800
maxretry = 1

[apache-shorewall]
enabled  = false
filter  = apache-noscript
action  = shorewall
          sendmail[name=Postfix, dest=you@mail.com]
logpath  = /var/log/apache2/error_log

[php-url-fopen]
enabled = false
port    = http,https
filter  = php-url-fopen
logpath = /var/www/*/logs/access_log
maxretry = 1

[lighttpd-fastcgi]
enabled = false
port    = http,https
filter  = lighttpd-fastcgi
logpath = /var/log/lighttpd/error.log
maxretry = 2

[ssh-ipfw]
enabled  = false
filter  = sshd
action  = ipfw[localhost=192.168.0.1]
          sendmail-whois[name="SSH,IPFW", dest=you@mail.com]
logpath  = /var/log/auth.log
ignoreip = 168.192.0.1

[named-refused-udp]
enabled  = false
filter  = named-refused
action  = iptables-multiport[name=Named, port="domain,953", protocol=udp]
          sendmail-whois[name=Named, dest=you@mail.com]
logpath  = /var/log/named/security.log
ignoreip = 168.192.0.1

[named-refused-tcp]
enabled  = false
filter  = named-refused
action  = iptables-multiport[name=Named, port="domain,953", protocol=tcp]
          sendmail-whois[name=Named, dest=you@mail.com]
logpath  = /var/log/named/security.log
ignoreip = 168.192.0.1
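
Added example (not part of the thread and not fail2ban's own code): this Python script reads an excerpt of the jail.conf posted above and reports which jails are enabled and which destination ports their iptables actions name, so the result can be compared with the port that is unreachable. The `SERVICES` map and the function names are assumptions for illustration; 8123 is the panel port figure given later in the thread.

```python
import configparser
import re

# Constructed sample: excerpt of the posted jail.conf (values copied from the post).
JAIL_CONF = """\
[DEFAULT]
bantime  = 600
maxretry = 3

[ssh-iptables]
enabled  = true
action  = iptables[name=SSH, port=ssh, protocol=tcp]
          sendmail-whois[name=SSH, dest=root, sender=fail2ban@mail.com]
maxretry = 5

[apache-badbots]
enabled  = false
action  = iptables-multiport[name=BadBots, port="http,https"]
          sendmail-buffered[name=BadBots, lines=5, dest=you@mail.com]
bantime  = 172800
"""

# Assumption: a small name-to-number map instead of reading /etc/services.
SERVICES = {"ssh": 22, "ftp": 21, "smtp": 25, "http": 80, "https": 443}
ACTION = re.compile(r'(iptables[\w-]*)\[([^\]]*)\]')    # iptables-style actions only
PORT = re.compile(r'\bport=(?:"([^"]*)"|([^,\]\s]+))')  # quoted list or bare value

def enabled_jails(conf_text):
    """Map each enabled jail to its ban ports, bantime and maxretry."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(conf_text)
    jails = {}
    for name in cp.sections():  # [DEFAULT] values are inherited, not listed
        if not cp.getboolean(name, "enabled", fallback=False):
            continue
        ports = set()
        for _action, args in ACTION.findall(cp.get(name, "action", fallback="")):
            m = PORT.search(args)
            for p in (m.group(1) or m.group(2)).split(",") if m else []:
                ports.add(SERVICES.get(p, int(p) if p.isdigit() else p))
        jails[name] = {"ports": ports, "bantime": cp.getint(name, "bantime"),
                       "maxretry": cp.getint(name, "maxretry")}
    return jails

def jails_covering(conf_text, port):
    """Names of enabled jails whose iptables action names `port`."""
    return sorted(n for n, j in enabled_jails(conf_text).items() if port in j["ports"])
```
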


falko 19th September 2011 20:31

Are you sure you can connect on port 80 while port 8080 is blocked? Maybe it's just your browser cache, because if fail2ban blocks you, you shouldn't be able to connect to the server, no matter what port you use.

emanation 20th September 2011 05:44

I don't use port 8080 for ISPConfig. It's another port. I did it for security. Let's say it's port 8123.

falko 20th September 2011 10:31

That doesn't matter. Can you connect to port 80 while your ISPConfig port is blocked?

