Server domains down, cannot access WHM/Cpanel, Server running?

intrinsic

Member
Dec 29, 2013
7
0
1
cPanel Access Level
Root Administrator
Got a client message saying their website is down, I go to check and see the VPS is running fine and I can access FTP but I cannot access WHM on 2087 or 2083.

I've tried restarting cPanel and services (service cPanel restart) and also rebooted the bare metal server. The sites are still not up and I cannot access cPanel.

One of our workstations recently was cleared of malware, and I'm unsure if that had to do something with it. Port 2087/2083 is available on LAN but not WAN, and iptables for the VPS is:

Code:
# Generated by iptables-save v1.4.7 on Fri Dec 27 10:21:03 2013
*ptables-save v1.4.7 on Fri Dec 27 10:21:03 2013
*nat
:PREROUTING ACCEPT [19:1642]
:POSTROUTING ACCEPT [533:33346]
:OUTPUT ACCEPT [533:33346]
COMMIT
# Completed on Fri Dec 27 10:21:03 2013
# Generated by iptables-save v1.4.7 on Fri Dec 27 10:21:03 2013
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:acctboth - [0:0]
:cP-Firewall-1-INPUT - [0:0]
-A INPUT -j cP-Firewall-1-INPUT
-A INPUT -j acctboth
-A FORWARD -j cP-Firewall-1-INPUT
-A OUTPUT -j acctboth
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 993 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2078 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2082 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2077 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 26 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 143 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 995 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2086 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2087 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2095 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 465 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2096 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2083 -j ACCEPT
-A cP-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
COMMIT
Currently all domains are not functioning and I need to find a solution. The odd thing is, the default cPanel page is view-able when connecting directly to the server's IP via browser. Please help-
 

intrinsic

Member
Dec 29, 2013
7
0
1
cPanel Access Level
Root Administrator
Both https://IP:2086 and 2082 in secure/non-secure is not working. I tried using hostnames and also IP.

I do believe this is a named issue, but the output of chkconfig --list | grep named shows:

named 0:eek:ff 1:eek:ff 2:eek:ff 3:eek:n 4:eek:ff 5:eek:n 6:eek:ff

Strangely I cannot access /var/log/messages (Permission denied).

I will be reporting a ticket to cPanel, but if anyone has any ideas, please help. Cheers