HTTP Locked out but SSH not


#1

I suddenly started getting sites offline. Oddly I can still get to the :2222 section, but resolving domains is not working. I can also still SSH into the server.

I have tried upgrading the stack, restarting the stack, restarting the entire server and still same issue. I have removed HHVM and only using php7 with letsencrypt.

If the error log I see this: upstream: “fastcgi://127.0.0.1:9070”, host: www.thisisadummydomain.com

Not sure how to resolve this. Any ideas on what can be causing this?

I have fail2ban and OSSEC installed only and I checked the logs and see nothing in those. I checked the domains wp-admin via a proxy server and no IP blocks either.

David


#2

Does EE have a built in firewall for nginx?


#3

It is Fail2Ban. Some of your rules is blocking port 80 only.


#4

You were right!!

I did find a fail2ban alert notice with my IP, turned off that jail section and I am working again… now to figure out how I got on their as it was the http/https misc access log that triggered.

I added my ip to the ignore IP section in my jail.local config and that seems to have also resolved the issue as I re-enabled the misc section.

thanks again.


#5