DA on Port 2222 and SSH lockouts

[jonathanc]

I keep getting blocked out of a DA server simultaneously on both SSH and DA on 2222. I haven't manged to time a block from start to finish, but could be 20mins plus. Other services such as http and ftp are reachable.

Also there seems to be different effects on different server addresses. If I am locked out on main server IP I seem to be able to to login to 2222 on another IP on the server. I also seem to be able to sneak in on SSH using another IP address (not main IP). This is unpredictable and sometimes there is a long wait but I can get in on a different IP address while the main IP is blocked.

if I telnet to non-main IP during block I get

telnet <my_non_main_ip> <my_ssh_port>
Trying xxx.xxx.xxx.xxx...
Connected to <my domain>
Escape character is '^]'.
SSH-2.0-OpenSSH_5.3

telnet to main IP, I get
telnet <my_main_ip> <my_ssh_port>
Trying yyy.yyy.yyy.yyy...

I have CSF running on the server. But even if I disable CSF I do not seem to get SSH or DA 2222 access.

I can't find any reference to my IP in block files and can not identify what could be causing these lock outs.

Does anyone have any ideas?

Thank you


Jonathan

 

[ben29]

which error you getting from ssh ? and directadmin ?
p.m if you need help

 

[jonathanc]

Hi Ben. Just times out. No errors - that's part of the problem I can't see any errors/blocks anywhere that might explain. Can't see anything in any log that seems to tie up. Jonathan

 

[SeLLeRoNe]

If you change IP and you log into DA you can go to the CSF configuration and check the permanent and the temp bans in order to understand why your IP was blocked.

Best regards

 

[zEitEr]

Hello,

Both Directadmin and CSF/LFD when blocking an IP do not block it selectively per destination IP bases. So you get banned to only one destination IP, then hardly can it be caused by Directadmin or CSF/LFD, unless you customized them. Probably it's something else either on your client device side or at server provider's.