I went to bed last night for the first time not feeling completely stressed. Get up this morning, and this new server is completely erratic. Our host is looking at it, but they are about worthless.
So, trying to figure it out. This is really starting to suc. Had a dr appointment yesterday and my bp was 160/120 This needs to get rectified soon, somehow.
Quote from: Jeff on February 08, 2024, 10:59:18 AMbut they are about worthless.
Hope they don't read the forum.
Run a few network connectivity traces and traceroutes from your computer to the server. It's probably some malfunctioning device in the chain.
Quote from: rusticretreater on February 08, 2024, 11:16:32 AMQuote from: Jeff on February 08, 2024, 10:59:18 AMbut they are about worthless.
Hope they don't read the forum.
Run a few network connectivity traces and traceroutes from your computer to the server. It's probably some malfunctioning device in the chain.
We are using 3 different routes on 3 different isps. My son is 50 miles away on a different one and still experienvlcing problems. I think they have the server misconfigured related to the multi php
Jeff,
Wonder if your host service is having issues with their supporting network. Is there any thing I can do?
How is your other website that you host doing?
I did a traceroute to the www.forestryforum.com
18 e-10-6.core1.dal.corespace.com (64.182.161.84) 54.822 ms 62.319 ms e-10-4.core2.dal.corespace.com (64.182.161.89) 62.297 ms
19 forestryforum4.dal.corespace.com (64.182.125.189) 62.339 ms 51.549 ms *
My trace is the same till I get to hop 18 and it seems to always change. Wondering if that could be a issue. Don't know how their network is set up.
Ron
Quote from: ronwood on February 08, 2024, 11:35:01 AMJeff,
Wonder if your host service is having issues with their supporting network. Is there any thing I can do?
How is your other website that you host doing?
I did a traceroute to the www.forestryforum.com
18 e-10-6.core1.dal.corespace.com (64.182.161.84) 54.822 ms 62.319 ms e-10-4.core2.dal.corespace.com (64.182.161.89) 62.297 ms
19 forestryforum4.dal.corespace.com (64.182.125.189) 62.339 ms 51.549 ms *
My trace is the same till I get to hop 18 and it seems to always change. Wondering if that could be a issue. Don't know how their network is set up.
Ron
Ron, all the websites are dragging, although its getting better. They are supposedly working on it. Im thinking it has to do with php and connections but what do I know. This is linux cloud, running multi php
FRIGGING CHINESE
Did you of Denial of Service Attack?
Guess I missed all the fun. :Wow:
I know this is your world
@Jeff, but it'd not worth losing sleep or getting you BP out of whack.
I can eat breakfast alone.
Quote from: ronwood on February 08, 2024, 01:04:38 PMDid you of Denial of Service Attack?
Yes, the host did not install set up the security built into WHM panel. Jeremy and I had asked him about the server specs, and he said that this one had so much more built in security into it that it really helps as the bad guys are not taking your resources. They never set it up. Thing its the host says to me: what did you do? Blamed it on me. ARGH We did not get as he described but I can't say anything. I am grateful for the help after the fact. We have it running now.
Jeff, I may be off base, but just for your information, I am not getting ANY of those dang pop-up ads that were driving me crazy. When we came back on line I suspected that these were not in your plan, did not add to your income, and were a symptom of the server not culling them out. I am now getting the feeling that I may have been right, but it doesn't matter, I am just glad you stepped over another hurdle and it has added to the comfort and readability of the forum. As you say, we are almost there and progress is being made. Relax and enjoy the ride, it is looking good.
EDIT TO CORRECT: OK those pop-ups are still there, but seem to be a lot less and go away on their own.
Quote from: Jeff on February 08, 2024, 09:38:15 PMQuote from: ronwood on February 08, 2024, 01:04:38 PMDid you of Denial of Service Attack?
Yes, the host did not install set up the security built into WHM panel. Jeremy and I had asked him about the server specs, and he said that this one had so much more built in security into it that it really helps as the bad guys are not taking your resources. They never set it up. Thing its the host says to me: what did you do? Blamed it on me. ARGH We did not get as he described but I can't say anything. I am grateful for the help after the fact. We have it running now.
Not that it helps you now, but fail2ban https://github.com/fail2ban/fail2ban is a good opensource tool for attacks against a server. Although if you get your password wrong too often via ssh it will ban you.
I also run an ip black list against regions. The bash script is below, note I don't know what tools cPanel has so they might be better.
But this has worked for me for the last 15 years and we use similar at work.
You can add Russia to the list of IP's to block also as they are pretty bad, North Korea aren't so bad for some reason. But it depends on whom your target market is with your site.
#!/bin/bash
BLOCKDB="block.txt"
WORKDIR="/tmp"
OUT_IF="eth0"
pwd=$(pwd)
cd $WORKDIR
ipset -N -exist blacknets hash:net
#Obtain list of China IP's
wget -q -c --output-document=$BLOCKDB http://www.ipdeny.com/ipblocks/data/countries/cn.zone
if [ -f $BLOCKDB ]; then
IPList=$(grep -Ev "^#" $BLOCKDB | sort -u)
for i in $IPList
do
ipset --add blacknets $i
done
fi
rm $BLOCKDB
#Obtain list of Thailand IP's
wget -q -c --output-document=$BLOCKDB http://www.ipdeny.com/ipblocks/data/countries/th.zone
if [ -f $BLOCKDB ]; then
IPList=$(grep -Ev "^#" $BLOCKDB | sort -u)
for i in $IPList
do
ipset --add blacknets $i
done
fi
rm $BLOCKDB
wget -q -c --output-document=$BLOCKDB http://www.ipdeny.com/ipblocks/data/countries/tw.zone
if [ -f $BLOCKDB ]; then
IPList=$(grep -Ev "^#" $BLOCKDB | sort -u)
for i in $IPList
do
ipset --add blacknets $i
done
fi
rm $BLOCKDB
# Blacklist IP's
iptables -A FORWARD -i $OUT_IF -m set --match-set blacknets src -j DROP
This thread makes me glad im just a mechanic.
Sorry what you guys have to go through to keep this thing running.
There should be a standard procedure in place to harden a server and prevent all sorts of DOS and other attacks. The ISP has poor internal controls it seems. Could just be one server admin, could be endemic to the organization.
I think its a certain daytime lead admin that forgets We PAY for a dedicatrd MANAGED server.
When we first got started. We found all groups and owners were set to root across all domains
Yikes! Anybody who did that in my realm would certainly be out the door.
Odd glitch I have logging in when my password registers on this I phone I get about a second to choose my length of time to stay logged in and it automatically picks one hour. It's not a big deal and I figured it was just a message to me to be more productive with my time. ffsmiley
Is there a way to slow it down a touch?
Otherwise everything else seems really good.
I don't have that problem on mine, but perhaps select the timeframe before you enter your password?
I've not witnessed this yet.
Sounds like you need to go play with Harley and Cedar till the BP gets better. Sorry for the grief. Thanks for all you and your team's efforts.
Probably no help but just in case, yesterday I spotted a bar on the west side of I-85 between exits 32 and 33 in Charlotte NC named "The Woodshed Bar." I thought about you when I read the name.
I let the phone save my password hence the problem. I will login log in manually next time.