All of a sudden I've noticed a couple sites that I have set up in ispconfig3 are no longer resolving. My main domain that I used to set up is resolving, but none of the other sites. To be honest, I'm not quite sure where to look for the appropriate logs. I don't see anything referencing mydns in /var/log The strange thing is, the domains resolve when I check from the VPS, but don't resolve checking from home or anywhere else.
They are, these sites have been running fine for a few months now. All of a sudden I can't resolve them. Stranger yet, I had someone in another location check and they were able to resolve the domains. All of a sudden I'm also blocked out of ssh. My control panel is still running and my other sites are too, I just checked from work and I can see them and resolve them. Its like my home computer(IP) has been blacklisted.
Are you using fail2ban, Blockhosts or DenyHosts on the server? If you have made too many failed login attempts, then you probably got blocked by these tools.
Yes, but I don't recall ever failing a login attempt. The million dollar question is, if that is the case, how does one regain access to a remote system that has blocked you? I'm working with the host support, they said they cleared /etc/hosts.deny, but I'm still getting a refused connection.
The support told me they cleared the hosts.deny, but clearly they did not. I had someone login for me and clear out my IP address. What scares me though is why this happened to begin with. I had both fail2ban and denyhosts installed, should I only use 1 or the other?
I'm still unable to resolve from my home IP address. I can login to the control panel but can't resolve my other sites. They resolved fine from work and I've had a few other people check with no problems. Is there any other setting that could block access to DNS for this IP? edit: looks like might have been my router or atts dns. I added another entry and was able to resolve.
Yes, just use one. If you're using fail2ban, you're probably being blocked by iptables, not /etc/hosts.deny. http://debianclusters.cs.uni.edu/index.php/Fail2Ban:_Preventing_Brute_Force_SSH
Denyhosts can just secure SSH, while fail2ban can protect also other services. If you just want to protect SSH, then it doesn't matter which one you use - they both do the same great job.
