The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DNS cluster error on...

Discussion in 'Bind / DNS / Nameserver Issues' started by alexandz, Feb 21, 2012.

  1. alexandz

    alexandz Well-Known Member

    Joined:
    Oct 28, 2011
    Messages:
    111
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Chile
    cPanel Access Level:
    Root Administrator
    I have received emails like this, what should I do?

    You should update the authentication credential for xxx.xx.xx.xx at https://servidor:2087/cgi/clusterstatus.cgi : Cpanel::NameServer::Remote::cPanel: Unable to Server Error from xxx.xx.xx.xx: HTTP/1.1 403 Forbidden
    [servidor] (Authentication failure: Server Error from xxx.xx.xx.xx: HTTP/1.1 403 Forbidden)
     
  2. alexandz

    alexandz Well-Known Member

    Joined:
    Oct 28, 2011
    Messages:
    111
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Chile
    cPanel Access Level:
    Root Administrator
    There was an error while processing your request: Cpanel::PublicAPI returned [Server Error from xxx.xx.xx.xx: HTTP/1.1 403 Forbidden ]
     
  3. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    If you are authenticating to your other server using username root, this will be common as many attempt to brute force username root and then brute force protection locks out logins to username root. If this is the case, consider creating a root-level reseller and authenticating through that account instead.

    I've encountered this when cphulkd brute force protection has been triggered.
     
  4. alexandz

    alexandz Well-Known Member

    Joined:
    Oct 28, 2011
    Messages:
    111
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Chile
    cPanel Access Level:
    Root Administrator
    Hi! But it was fine until today, and nothing these errors started to arrive.

    How can you solve?
     
  5. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Brute force attacks can happen at any time. What day it is or that it hasn't happened until today is irrelevant. Login to the other WHM interface (the one your server is trying to connect to) and in cphulkd see if your username or server's IP has been blocked (it probably has). If it is the case, then you can use the tools to flush things. Note, if you just flush the brute force history, you are very likely to be brute forced again. Consider using my recommendation to move this to a different account.
     
  6. alexandz

    alexandz Well-Known Member

    Joined:
    Oct 28, 2011
    Messages:
    111
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Chile
    cPanel Access Level:
    Root Administrator
    Check cPHulk but did not find the IP or server name, so it is not locked, but just as clean, do not know how to fix it :(
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    653
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Feel free to submit a support ticket if you would like for us to investigate further:

    Submit A Ticket

    You can post the ticket number here so we can track the issue and let everyone else know the cause of the problem.

    Thank you.
     
  8. nwtg

    nwtg Active Member

    Joined:
    Dec 24, 2010
    Messages:
    34
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Portland, Oregon
    cPanel Access Level:
    Root Administrator
    I received the same error when I got in the office this morning and was looking at my emails:

    Cpanel::NameServer::Remote::cPanel: Unable to Server Error from 184.22.XXX.XXX: HTTP/1.1 403 Forbidden Access denied
    [*******.pdxinter.net] (Authentication failure: Server Error from 184.22.XXX.XXX: HTTP/1.1 403 Forbidden Access denied
    )
    .warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    warn [dnsadmin-ssl] named.conf cache may be corrupt
    ......Server Error from 184.22.XXX.XXX: HTTP/1.1 403 Forbidden Access denied

    /usr/local/cpanel/scripts/dnscluster syncall --full
    Syncing Zones to all machines in cluster....(full)........Server Error from 184.22.XXX.XXX: HTTP/1.1 403 Forbidden Access denied

    /scripts/ssl_crt_status 184.22.XXX.XXX
    Argument 0 did not match (?-xism:^--(.)) at /usr/local/lib/perl5/site_perl/5.8.8/Class/Std.pm line 438


    I was able to fix this by disabling SSL "Support for cPanel daemons (no stunnel)", regenerating the .accesshash file and regenerating the remote access key. Some other things I tried (which may have contributed)

    /scripts/fixbuggynamed
    /etc/rc.d/init.d/saslauthd stop

    </var/cpanel/cluster/root/config># cat 184.22.242.202
    #version 2.0
    user=root
    host=(******)
    pass=2fa7ace5aaf5d3747164e5a5f8875994a50ee54*and the rest of the .accesshash
    module=cPanel
    debug=0

    /scripts/restartsrv_dnsadmin
    /scripts/rebuildnamedconf
    /scripts/initsslhttpd

    It almost seems like it has something to do with my recently generated SSL certs. I rebuilt them again as a precaution.
    Also noticed at that time that the timestamps/validity ("Not before") time was actually three hours ahead (GMT rather than PST) which suggests to me that this could have been caused by an incorrect timestamp in the cert.

    If someone at cPanel could tell me which fix actually RESOLVED the problem, I'd really appreciate it.

    For those still experiencing this problem, look at /usr/local/cpanel/logs/dnsadmin_log and you'll likely see tons of errors.

    [2012-03-28 17:18:02 -0700] info [dnsadmin-ssl] Cpanel::NameServer::Remote::cPanel: Unable to Server Error from XXX.XXX.XXX.XXX: HTTP/1.1 403 Forbidden Access denied
    [*****.pdxinter.net] (Authentication failure: Server Error from 184.22.XXX.XXX: HTTP/1.1 403 Forbidden Access denied

    Once I stopped dnsadmin-ssl and started dnsadmin, everything fell back into place and the cluster member was back in the loop!
    --------------------------------------------------------------------------

    [2012-03-28 18:00:18 -0700] info [dnsadmin] Lph3rXuTXb2dTD3xoDYt2ZNU8x08Uc1C 184.22.XXX.XXX "GETPATH " [started: Wed Mar 28 17:27:52 2012] [ended: Wed Mar 28 18:00:18 2012] 1 Cpanel::NameServer::Remote::cPanel: OK

    So you might try disabling SSL support for cPanel daemons. That *might* fix it.

    Any idea what could have caused this?


    -John
    Northwest Technology Group
    Enterprise, Clustered cPanel Web Hosting : N.W. Technology Group : Portland, Oregon & Pacific Northwest
    support@nwtechgroup.com
     
  9. nwtg

    nwtg Active Member

    Joined:
    Dec 24, 2010
    Messages:
    34
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Portland, Oregon
    cPanel Access Level:
    Root Administrator
    I spent a goodly amount of time posting a few potential fixes but then was informed that a moderator must approve. It was a rather large reply and contained steps that resolved the issue for me..
     
Loading...

Share This Page