how to unblock a ip due to number of ssh login fail attempted ?
- Thread starter adrianmak
- Start date
I got this post
http://forum.directadmin.com/showthread.php?t=28035
However I could not find ip_blacklist file under /usr/local/directadmin/data/admin
http://forum.directadmin.com/showthread.php?t=28035
However I could not find ip_blacklist file under /usr/local/directadmin/data/admin
nobaloney
NoBaloney Internet Svcs - In Memoriam †
It's probably been blocked by your firewall. There are many firewalls, so I won't attempt to tell you how to fix it.
Jeff
Jeff
nobaloney
NoBaloney Internet Svcs - In Memoriam †
Good point. Be careful when adding your own IP# to make sure you're adding it to a whitelist, and not a blacklist.
If you've got more than one system you can shell into one which works, and then from there into the one you've accidentally blacklisted, and stop the firewall from the command line, but not all of us have the luxury. Or if you've got a static /29 (we do, temporarily log in from another one of your IP#s. Our provider only charges us an additional $5/month for a /29 over a /30, so we pay for it happily to have the safety net.
We've recently starting provisioning only servers that come with IPMI so we have a built-in visutal KVM in all our new servers. When our old servers are all decommissioned (next few months) we'll be able to log into any machine in the DC without help or expensive dedicated KVMs.
Jeff
If you've got more than one system you can shell into one which works, and then from there into the one you've accidentally blacklisted, and stop the firewall from the command line, but not all of us have the luxury. Or if you've got a static /29 (we do, temporarily log in from another one of your IP#s. Our provider only charges us an additional $5/month for a /29 over a /30, so we pay for it happily to have the safety net.
We've recently starting provisioning only servers that come with IPMI so we have a built-in visutal KVM in all our new servers. When our old servers are all decommissioned (next few months) we'll be able to log into any machine in the DC without help or expensive dedicated KVMs.
Jeff
Richard G
Verified User
Did your ip changed then or something? Because normally if you install CSF, your ip will already be added to csf.allow automatically.
If you put it in csf.deny now, it will remain in there until somebody disables the firewall for you, get it out of there or if you get access via another ip or method like KVM for example.
