The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CPanel Blocking

Discussion in 'General Discussion' started by niatech, Oct 12, 2005.

  1. niatech

    niatech Well-Known Member

    Joined:
    Feb 20, 2005
    Messages:
    121
    Likes Received:
    0
    Trophy Points:
    16
    Hi all,

    I have a user that is having problems connecting to our server. Their office is able to connect to all servers except for ours. So, here is what I've checked. Am I missing anyting?:

    - APF's deny_hosts.rules - not in there
    - APF's ds_hosts.rules - not in there
    - PortSentry - not in there
    - hosts.deny - not in there
    - messages - nothing out of the ordinary
    - maillog - shows successful mail transactions up to yesterday afternoon (no changes on my part)
    - secure - not in there
    - mod_security - not in there

    Am I missing anything, I'm leaning on a blocking on their end or somewhere along the route. Waiting for a tracert, but is there any other ways that CPanel does blocking?

    Thanks!

    Ciao
     
  2. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    36
    Looks to me like you've covered everything there, although don't take that as a full confirmation that you've missed anything.

    I too would be inclined to believe that it is something either at their end or inbetween and certainly the traceroute results should clear that possibility up.

    If it reassures you at all, I've encountered such situations before. At one time my ISP in Poland somehow (most likely be mistake) denied access to a specific block of IP addresses which, quite unfortunately, happened to cover the datacenter I use. Another time a client was finding that the connection to my server was painfully slow whereas all other sites seemed fine. Thankfully they had a secondary backup ISP and as things worked fine through the backup they were satisifed that things weren't going wrong server-side.
     
  3. niatech

    niatech Well-Known Member

    Joined:
    Feb 20, 2005
    Messages:
    121
    Likes Received:
    0
    Trophy Points:
    16
    Thanks for the reassurance. I'm still checking things out and i'm still leaning toward their side, specifically now since their traceroute results timeout at 192.168.1.1.

    HOWEVER, I'm having them tracert a few different sites to see whats going on.

    Ciao
     
  4. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    36
    Yep, that would be a dead giveaway really!

    Good luck in your endeavours, which quite often means not only finding proof that the issue lies beyond your control but convincing the client that you really can't do anything about it.
     
  5. niatech

    niatech Well-Known Member

    Joined:
    Feb 20, 2005
    Messages:
    121
    Likes Received:
    0
    Trophy Points:
    16
    Agreed whole-heartedly ;);)
     
  6. bamasbest

    bamasbest Well-Known Member

    Joined:
    Jan 10, 2004
    Messages:
    531
    Likes Received:
    0
    Trophy Points:
    16
    While I tend to agree with the above, it couldn't hurt to ensure that this client is in the allow_hosts.rules.

    I very large client of mine recently triggered apfad by having hundreds of employees simultaneously all access a site that they maintain on one of my boxes. Of course, all of these employees access the net from behind their firewall via the corporate public IP.

    Adding them to allow_hosts.rules (port 80) cleared it up immediately.
     
  7. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Would indeed suggest that the problem is definitely at their end if there's no hops off of their LAN. Most likely a problem at their ISP or a local firewall.
     
Loading...

Share This Page