The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

IP's are being added to hosts.allow by DenyHosts

Discussion in 'Security' started by louish, Apr 16, 2010.

  1. louish

    louish Member

    Joined:
    Feb 2, 2006
    Messages:
    23
    Likes Received:
    1
    Trophy Points:
    3
    In my hosts.allow file, I control my SSHD access by allowing my own IP's then denying sshd to all at the end of the file..

    (something like this:)


    sshd : MY.IP.GOES.HERE : allow
    #All SSH from My IP

    sshd : ALL : deny
    #Deny access from all other IPs


    On 2 of my 5 services, for some reason, IP's automatically keep getting added to the top of the file... and the file ends up looking like this:

    # DenyHosts: Fri Apr 16 11:31:39 2010 | ALL: 201.21.179.103
    ALL : 201.21.179.103 : allow

    sshd : MY.IP.GOES.HERE : allow
    #All SSH from My IP

    sshd : ALL : deny
    #Deny access from all other IPs





    I dont know why they are being added to hosts.allow (i thought thats what hosts.deny was for), but either way, it says the program DenyHosts is adding it, and its adding it with the "allow" command instead of deny. I figured these IP's were coming from the brute force protection, but Im probably wrong.

    Whats weird is only 2 of my 5 servers do this. On my other 3 servers, hosts.allow stays un-modified. ( I tend to keep all my servers setup the exact same way) This is causing problems for me cause when my IP address changes from my ISP, I have to login to WHM to change my IP on the Host Access Control page, and when these IP addresses get added automatically, it takes about 5 minutes for this page to load because of how many new IP's are listed. Once I modify my IP, I can ssh in and I manually remove all the new entries in the hosts.allow file.

    Im running cPanel 11.25.0-R44718 - WHM 11.25.0 - X 3.9
    CENTOS 5.4 i686 standard

    Any ideas?
     
Loading...

Share This Page