Contact Support : +64 220 256 070

Aimvm
Blog

How to check if your IP is blocked on the server?

Posted on: October 25, 2014

If you are unable to access your website, cPanel, webmail and other services on the server, it might be that your IP is blocked on the server. To confirm that you’re behind the firewall, do the following.

1) Try to access from the website from another ISP or using proxies.

2) Try to ping the server and check if there is any packet loss.

3) Try a running the traceroute command.

You can either open a support ticket with us or just login to the server from a different ISP and do the following.

Assuming that CSF is installed on the server. You can find your IP address by access the URL http://whatismyip.com

In our example the IP is given below.

csf -g IPaddress

csf -g 216.158.87.80

Chain            num   pkts bytes target     prot opt in     out     source               destination

DENYIN           200      0     0 DROP       all  —  !lo    *       216.158.87.80        0.0.0.0/0

DENYOUT          200      6   720 DROP       all  —  *      !lo     0.0.0.0/0            216.158.87.80

In this case the IP given is blocked at the firewall. The “DROP’ represents that all the packets from that IP is being screened.

You can find the reason for the block from the file /var/log/lfd.log so that you can avoid the same in the future.

lfd[19307]: *SSH login* from 216.158.87.80 into the root account using password authentication
Oct 25 00:43:21 lfd[32025]: (sshd) Failed SSH login from 216.158.87.80 (US/United States/office.linuxfox.com): 5 in the last 3600 secs – *Blocked in csf* [LF_SSHD]

How to unblock your IP?

csfdr 216.158.87.80
Removing rule…
DROP  all opt — in !lo out *  216.158.87.80  -> 0.0.0.0/0
DROP  all opt — in * out !lo  0.0.0.0/0  -> 216.158.87.80

Now that the rule for dropping packets from the IP has been removed and you will be able to access the services again.

If you wish, you can whitelist your IP address on the server so that it won’t get blocked next time.

[~]# csf -a 216.158.87.80
Adding 216.158.87.80 to csf.allow and iptables ACCEPT…
ACCEPT  all opt — in !lo out *  216.158.87.80  -> 0.0.0.0/0
ACCEPT  all opt — in * out !lo  0.0.0.0/0  -> 216.158.87.80

Now that the IP is whitelisted on the server. If you still face any problems to connect to the server, please open a support ticket with us.

 

 

 

 

Search Blog