The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WHM/cPanel only works if iptables service is stopped!

Discussion in 'General Discussion' started by bigste, Feb 21, 2009.

  1. bigste

    bigste Member

    Joined:
    Jan 6, 2009
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Cheshire, UK
    ...is that right or am I missing something, like a script that sorts it out for me.

    It's a newish install and I'm new to it but I notice every time the server reboots (and at other random intervals) suddenly nothing works. I can ping the server but that's about it. However if I run something like:-

    Code:
    # wget http://host.myserver.com
    it will pull down the "Congratulations on installing Apache..." index.html page, so I know httpd is running OK.

    Code:
    # wget http://host.myserver.com/whm
    won't work though, it'll try to redirect to port 2086 and fail on a 401 error but atleast it's having a go. I don't get anything from my PC.


    The only way to get it going again is:-

    Code:
     # service iptables stop
    This seems a bit extreem and I feel leaves me slightly vulnerable, although I am behind a corporate Firewall so it's not the end of the world.
    I have tried adding some lines to the iptables files as discussed on several forums etc.. like these:-

    "simply add these lines to your iptables file using pico"
    Code:
    # iptables -A ptcp -p tcp --dport 2082 -m state --state NEW -j ACCEPT
    # iptables -A ptcp -p tcp --dport 2083 -m state --state NEW -j ACCEPT
    # iptables -A ptcp -p tcp --dport 2086 -m state --state NEW -j ACCEPT
    # iptables -A ptcp -p tcp --dport 2087 -m state --state NEW -j ACCEPT
    ..but then they've been written over by cron in the night.

    I have spent quite a lot of time trying to resolve this but as I'm not the best linux server admin going I don't really know what to do. Don't make me reach for that Win2K disc ;)
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,482
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  3. bigste

    bigste Member

    Joined:
    Jan 6, 2009
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Cheshire, UK
    yes, about 50 million configurations later and it appears you may be right. :rolleyes:

    It seems to be quite a handy security tool, why don't cPanel endorse it as they do with Coppermine, Mambo, PHPbb etc... ? It would have saved me a right load of mither.

    Anyway, as required, I just rebooted and Bob's my uncle :cool:

    Thanks
     
  4. agentblack

    agentblack Well-Known Member

    Joined:
    Mar 28, 2008
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Indiana
    that is a great script, however, I've never been able to get it to really work right. Always flakes out on me during the install :(
     
  5. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,482
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    On a VPS? I thnk those users have had a few problems that you don't on regular servers.
     
  6. agentblack

    agentblack Well-Known Member

    Joined:
    Mar 28, 2008
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Indiana
    yeah i run all of my shared hosting's on vps'. It's rather nice actually, but I'm just disappointed that script doesnt work well on vps'.
     
  7. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,482
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    I think it does, it just needs some additional tweaking for the environment. Lots of posts over on the CSF forums that should help there.
     
  8. agentblack

    agentblack Well-Known Member

    Joined:
    Mar 28, 2008
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Indiana
    thanks! I'll check into it. Since I've banned all APNIC ip's my attacks have decreased drastically. But I'll still check into it.
     
  9. hydra

    hydra Well-Known Member

    Joined:
    Mar 26, 2008
    Messages:
    102
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Amsterdam, Netherlands
    Hi,
    Previous csf versions required the monolithic=1 variable in csf.conf when running on a VPS.
    In the latest versions this should not be necessary anymore.
    I suggest you try it. :cool:
     
    #9 hydra, Feb 23, 2009
    Last edited: Feb 23, 2009
  10. agentblack

    agentblack Well-Known Member

    Joined:
    Mar 28, 2008
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Indiana
    I'll have to look into it. I'd hate to put it straight away onto a live server without testing it. That would be bad! lol
     
Loading...

Share This Page