The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

APF firewall is blocking one user..., although his IP is in allow list

Discussion in 'General Discussion' started by ns1, Feb 24, 2009.

  1. ns1

    ns1 Active Member

    Joined:
    Aug 8, 2006
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    6
    One user cannot access my websites, or server.
    When I turn off firewall he can access websites.
    When I turn it on he cannot.

    I have added his IP, and entire IP range in allow_hosts.rules. At this moment allow_hosts.rules looks like this:
    Allow_hosts.rules

    Any help is appreciated.
     
  2. JPC-Shaun

    JPC-Shaun Well-Known Member

    Joined:
    Oct 29, 2008
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    6
    Hi;

    First of all make sure that the IP is not blocked in the APF by using the following command:

    grep IP /etc/apf/deny_hosts.rules

    If this results in the presence of the ip then use this command to unblock the IP in the APF.

    apf -u IP

    The IP may be blocked on the Iptables. Use the following command to verify which Ips are currently blocked on the server in the IPtables .

    /sbin/iptables --list -n | grep "DROP" | grep "all" | awk '{print$4}'

    If the Ip is blocked on the iptables firewall then follow as below to delete the rule from the firewall.

    iptables -L INPUT -n --line-numbers

    You'll get the list of all blocked IPs . Look at the serial number on the left as a result of this command, then

    iptables -D INPUT <<serial number here>>
     
  3. ns1

    ns1 Active Member

    Joined:
    Aug 8, 2006
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    6
    Thx Jaguar PC, but his IP is not blocked. Further more, his IP changes every 24h so in the past 2 weeks he would have been able to go through.
    It has to be something else....
     
  4. JPC-Shaun

    JPC-Shaun Well-Known Member

    Joined:
    Oct 29, 2008
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    6
    Hi;

    If you are sure that the IP is not blocked on the server firewall and all the other users are able to access the server then there might be some rule in the .htaccess that is blocking the web access for the particular user .

    Also Make sure that all the necessary service ports are opened in the firewall and are able listen properly.
     
  5. PDW

    PDW Well-Known Member

    Joined:
    Dec 29, 2003
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    Check the cPHulk Brute Force Protection
    section in security center as well. I am sure you may have looked there but I have made the mistake many times of going into APF first and not finding it and moving on.

    Also, could be their own firewall or ISP - can he/she make it to any other sites on the server?
     
  6. ns1

    ns1 Active Member

    Joined:
    Aug 8, 2006
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    6
    I have checked Brute Force protection. It was disabled.

    I have just found out that ISP is moving servers to a new location. Could this be the problem?
     
Loading...

Share This Page