HTTP Locked out but SSH not

digitalpure · June 6, 2016, 9:44pm

I suddenly started getting sites offline. Oddly I can still get to the :2222 section, but resolving domains is not working. I can also still SSH into the server.

I have tried upgrading the stack, restarting the stack, restarting the entire server and still same issue. I have removed HHVM and only using php7 with letsencrypt.

If the error log I see this: upstream: “fastcgi://127.0.0.1:9070”, host: www.thisisadummydomain.com

Not sure how to resolve this. Any ideas on what can be causing this?

I have fail2ban and OSSEC installed only and I checked the logs and see nothing in those. I checked the domains wp-admin via a proxy server and no IP blocks either.

David

digitalpure · June 6, 2016, 9:45pm

Does EE have a built in firewall for nginx?

janiosarmento · June 7, 2016, 2:10am

It is Fail2Ban. Some of your rules is blocking port 80 only.

digitalpure · June 7, 2016, 12:48pm

You were right!!

I did find a fail2ban alert notice with my IP, turned off that jail section and I am working again… now to figure out how I got on their as it was the http/https misc access log that triggered.

I added my ip to the ignore IP section in my jail.local config and that seems to have also resolved the issue as I re-enabled the misc section.

thanks again.

system · November 9, 2018, 1:50pm