directadmin port 2222 problems

R

Rijko

New member
Joined
Jun 30, 2007
Messages
4
Hi all,

I have a problem that i can not solve myself, maybe it is easy for some of you!

I can't acess my my directadmin pages for my domains at http://www.ebens.org:2222 and http://www.vanessa-mae.nu:2222. I used to use explorer 7.0, but started to use Opera now, but neither of the 2 works. Till this morning, everything was going well. Perhaps my port 2222 was blocked for some unknown reason, at least to me.

Is there anyone able to help me out? My internet provider says that everything is functioning alright, and so does the host for my websites.
 
It is opening up for me fine, are you still able to SSH into the servers? If you are, open up the file "/usr/local/directadmin/data/admin/ip_blacklist" and, if there are any IPs in there, delete them and try pulling up the page again.

Also, check your IPtables (iptables --list) for any IP blocks to port 2222 and remove them as one of them could be you as well if you are using something like BFD.
 
Hi Marshall

Yes, I am able to SSH via FTP but I cannot find the file you've mentioned.

Rijko
 
Ok, now both aren't working for me either, when you SSH in do a "service directadmin restart" into the shell and see if it is outputting any errors (the service command is RedHat/CentOS only, if you are on another system then look for the init script in /etc/init.d or /etc/rc.d for directadmin and use it to restart the service and look for errors). Also do a "ps ax" to make sure that directadmin is running and check the directadmin logs in /var/log/directadmin for any errors being output to there.
 
Sorry Marshall, I have no idea how to do that. I do not see anything pointing towards directadmin. I cannot restart that; I suppose that is for the hosting company only.

Rijko
 
I have see the same problem yesterday. I grep my ip address in /var/log/directadmin/security.log:

[root@s1 directadmin]# cat /var/log/directadmin/security.log | grep [my ip address]
2007:05:06-20:34:52: [my ip address] has tried to log in 10 times, unsuccessfully, this time into (null)'s account ***
2007:05:06-20:34:53: [my ip address] has tried to log in 11 times, unsuccessfully, this time into (null)'s account ***
2007:05:06-20:35:08: [my ip address] has tried to log in 12 times, unsuccessfully, this time into (null)'s account ***
2007:05:06-20:35:09: [my ip address] has tried to log in 13 times, unsuccessfully, this time into (null)'s account ***
2007:05:06-20:35:09: [my ip address] has tried to log in 14 times, unsuccessfully, this time into (null)'s account ***
2007:05:06-20:35:18: [my ip address] has tried to log in 15 times, unsuccessfully, this time into (null)'s account ***
2007:05:06-20:35:22: [my ip address] has tried to log in 16 times, unsuccessfully, this time into (null)'s account ***
2007:05:06-20:35:23: [my ip address] has tried to log in 17 times, unsuccessfully, this time into (null)'s account ***
2007:05:06-20:35:28: [my ip address] has tried to log in 18 times, unsuccessfully, this time into (null)'s account ***
2007:05:06-20:35:31: [my ip address] has tried to log in 19 times, unsuccessfully, this time into (null)'s account ***
2007:06:18-20:55:36: *** [my ip address] has tried to login with an invalid username: 'demo_user' ***
2007:06:18-20:55:43: *** [my ip address] has tried to login with an invalid username: 'demo_user' ***
2007:07:02-18:32:08: [my ip address] has tried to log in 10 times, unsuccessfully, this time into (null)'s account ***
2007:07:02-18:32:08: Adding [my ip address] to the blacklist file: /usr/local/directadmin/data/admin/ip_blacklist

[root@s1 directadmin]#

DA has blocked my ip after one wrong (?) authorization. I has delete my ip from blacklist file in DA, but I have tried again and DA not blocked me and not logging failed login in security log.

Bug?

And in my log 2007:05:06 a tried login 20 times and DA not blocked me...

My Server on RedHat ES 4 + last version DA.
 
seems clicking page refresh 3 times has blocked me :eek:
can you access DA and see what the setting for attempts is set at?
or is this a bug?
 
Ya, it seems like there is something along the lines of BFD in front of the server set to be REAL aggressive? I just tried refreshing it over and over and got blocked the 3rd time as well. You may want to contact your host and ask them to check the firewall to allow you back in to port 2222, and possibly lower the settings of whatever is causing this to be less aggressive.
 
You must log in or register to reply here.
Back
Top