Banned from my own server?

  • Rat
  • Guru
  • Guru
  • User avatar
  • Posts: 1190
  • Loc: desk

Post 3+ Months Ago

Sorry, but this might not make sence. But, for some reason, a couple hours ago, I tried to go t my site, but it wasnt loading. All other sites were working, so I restarted my server (mind you, the server is not in me house, its in texas). I still could not connect too the server or any sites on it. I asked other people too try connecting, and they could/can connect just fine. Its VERY irritating. I can connect too it fine if I use a proxy, but I dont want to have to use a proxy all the time. Its as if someone banned my IP from accessing the server. Any ideas?
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Your ISP's DNS server's probably have a cache from when the site was down. It will probably fix itself, or you could call up your ISP and deal with tech support for an hour while they try to tell you it's not their problem.

Either way the problem is with your ISP
  • Rat
  • Guru
  • Guru
  • User avatar
  • Posts: 1190
  • Loc: desk

Post 3+ Months Ago

But why can I access other sites, but not sites on my server?
  • Tom the Great
  • Expert
  • Expert
  • User avatar
  • Posts: 727
  • Loc: B.C., Canada

Post 3+ Months Ago

Rat wrote:
But why can I access other sites, but not sites on my server?


ATNO/TW is saying that your ISP is pointing http://www.yourdomain.com to a different server (instead of your server), and that it will eventually fix itself.
  • Rat
  • Guru
  • Guru
  • User avatar
  • Posts: 1190
  • Loc: desk

Post 3+ Months Ago

But my ISP doesnt even know I own the to domain name, much less, know I own the server. The website isnt even being hosted by my ISP. So how would they have access to it, if that is the case, which Iam pretty sure its not.
  • Daemonguy
  • Moderator
  • Web Master
  • User avatar
  • Posts: 2700
  • Loc: Somewhere outside the box in Sarasota, FL.

Post 3+ Months Ago

OK, what do you mean "wasn't loading"? 404 error? 500? 503?
From a command line;
telnet your_domain 80
HEAD / HTTP/1.0
<two enter keys>
What do you see?
Also, run dig or nslookup on your host.domain;
dig http://www. or
nslookup http://www.

Respond with the results.

What is the domain anyway?

It's entirely possible that your ISP's DNS is munged, not in that they singled out your site, though new requests and previously cached requests could be fubar. A local DNS resolver will cache (for the TTL, by the RFC) resolvable host.domains and become for the period of the TTL, a non-authoritative answerer... answerer? Sheesh.
This is the condition for which ATNO spoke, at least I think so. :)

Cheers.
  • Rat
  • Guru
  • Guru
  • User avatar
  • Posts: 1190
  • Loc: desk

Post 3+ Months Ago

Lol. The site wasnt loading up AT ALL. I cant telnet into anysite at all, its denying TOTAL access from my IP.
  • Daemonguy
  • Moderator
  • Web Master
  • User avatar
  • Posts: 2700
  • Loc: Somewhere outside the box in Sarasota, FL.

Post 3+ Months Ago

OK so that doesn't answer any of my questions. What is the URL? What do you see when you do any of what I asked for previously?

Hard to help, with two hands tied behind my back.

Cheers.
  • Rat
  • Guru
  • Guru
  • User avatar
  • Posts: 1190
  • Loc: desk

Post 3+ Months Ago

http://www.stolenkingdoms.net
You can access it fine, I cannot. The server is blocking my IP, or thats what it appears like. When I do what you asked me, I just get timed out.
  • mindcry
  • Novice
  • Novice
  • mindcry
  • Posts: 34

Post 3+ Months Ago

Have you tried running a traceroute and see where it stops. Also, if this is a linux box you should by no means be using telnet. Run a trace route though and see where it gets stopped, that will make it easier to find the answer.
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Daemonguy wrote:

This is the condition for which ATNO spoke, at least I think so. :)

Cheers.


Correct. This is exactly what I was refering to. And I suspect if he tries ping or tracert it will stop on the first hop which means his ISP is still the problem.
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Rat, to make the tech lingo a little more understandable, the ISP's DNS servers will cache frequently requested sites so they are not constantly having to do name resolution lookups. If they happened to cache your site when it was down, then they will return an error since they are trying to resolve your site from their cache. The resolver cache will clear itself in a specified time period. This can vary depending on the timeout set by your ISP. They will need to either flush their DNS cache or you can call them and scream at them to do it. One other thing you can try is Start | Run and type: ipconfig /flushdns, since it is possible that the bad cache is on your own machine.
  • Daemonguy
  • Moderator
  • Web Master
  • User avatar
  • Posts: 2700
  • Loc: Somewhere outside the box in Sarasota, FL.

Post 3+ Months Ago

OK, here is what I was talking about.
If I run dig, here's what I get;
Code: [ Select ]
> dig www.stolenkingdoms.net

; <<>> DiG 8.3 <<>> www.stolenkingdoms.net 
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; QUERY SECTION:
;;   www.stolenkingdoms.net, type = A, class = IN

;; ANSWER SECTION:
www.stolenkingdoms.net. 1h59m31s IN A 216.127.70.130

;; AUTHORITY SECTION:
stolenkingdoms.net.   1h59m31s IN NS d.dnsvr.com.
stolenkingdoms.net.   1h59m31s IN NS b.dnsvr.com.

;; ADDITIONAL SECTION:
d.dnsvr.com.      7h25m1s IN A  216.98.150.24

;; Total query time: 106 msec
;; FROM: tao.shinobi to SERVER: default -- 24.25.4.106
;; WHEN: Wed Sep 29 13:24:53 2004
;; MSG SIZE sent: 40 rcvd: 113
  1. > dig www.stolenkingdoms.net
  2. ; <<>> DiG 8.3 <<>> www.stolenkingdoms.net 
  3. ;; res options: init recurs defnam dnsrch
  4. ;; got answer:
  5. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2
  6. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
  7. ;; QUERY SECTION:
  8. ;;   www.stolenkingdoms.net, type = A, class = IN
  9. ;; ANSWER SECTION:
  10. www.stolenkingdoms.net. 1h59m31s IN A 216.127.70.130
  11. ;; AUTHORITY SECTION:
  12. stolenkingdoms.net.   1h59m31s IN NS d.dnsvr.com.
  13. stolenkingdoms.net.   1h59m31s IN NS b.dnsvr.com.
  14. ;; ADDITIONAL SECTION:
  15. d.dnsvr.com.      7h25m1s IN A  216.98.150.24
  16. ;; Total query time: 106 msec
  17. ;; FROM: tao.shinobi to SERVER: default -- 24.25.4.106
  18. ;; WHEN: Wed Sep 29 13:24:53 2004
  19. ;; MSG SIZE sent: 40 rcvd: 113


If I run a telnet (yes, you can telnet all day long to the host or IP, as long as you specify the port -- it helps t/s issues as it returns host header information);

Code: [ Select ]
> telnet www.stolenkingdoms.net 80
Trying 216.127.70.130...
Connected to www.stolenkingdoms.net.
Escape character is '^]'.
HEAD / HTTP/1.0

HTTP/1.1 200 OK
Date: Thu, 30 Sep 2004 04:56:20 GMT
Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_fastcgi/2.2.10 mod_jk/1.2.0 mod_perl/1.24_01 PHP/4.2.2 FrontPage/5.0.2 mod_ssl/2.8.12 OpenSSL/0.9.6b
Connection: close
Content-Type: text/html

Connection closed by foreign host.
  1. > telnet www.stolenkingdoms.net 80
  2. Trying 216.127.70.130...
  3. Connected to www.stolenkingdoms.net.
  4. Escape character is '^]'.
  5. HEAD / HTTP/1.0
  6. HTTP/1.1 200 OK
  7. Date: Thu, 30 Sep 2004 04:56:20 GMT
  8. Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_fastcgi/2.2.10 mod_jk/1.2.0 mod_perl/1.24_01 PHP/4.2.2 FrontPage/5.0.2 mod_ssl/2.8.12 OpenSSL/0.9.6b
  9. Connection: close
  10. Content-Type: text/html
  11. Connection closed by foreign host.


Alternatively, you can run nslookup (instead of dig) to see what IP is being provided by your resolver;
Code: [ Select ]
> nslookup www.stolenkingdoms.net
Server: rlghnc-dns-cac-01-dmfe1.nc.rr.com
Address: 24.25.4.106

Non-authoritative answer:
Name:  www.stolenkingdoms.net
Address: 216.127.70.130
  1. > nslookup www.stolenkingdoms.net
  2. Server: rlghnc-dns-cac-01-dmfe1.nc.rr.com
  3. Address: 24.25.4.106
  4. Non-authoritative answer:
  5. Name:  www.stolenkingdoms.net
  6. Address: 216.127.70.130


Non-authoritative in this case, shows that since I recently did a lookup, my DNS resolver has cached the previously requested information.

It should not vary by ISP, rather they should respect the TTL's (Time To Live) set by the authoritative DNS and when that timeout occurs, refresh the data. I say *should* because there are many which do not, especially if the value is too low. RFC-1035 states this value as minimum, though the de-facto standard is to use it as default.

It is possible that someone may have set your IP, or IP range as a 'deny' rule in the httpd.conf, though unless a DoS originated from that block, it seems unlikely.

To test the DNS problem theory, you could always connect in a browser to the IP, 216.127.70.130.
As in, http://216.127.70.130/

If that works, you have DNS issues, if it still does not work there could be routing issues. As previously stated, a traceroute (*nix) or tracert (Winders) will show you where you stop the hop.
Posting that, will help as well.
Out of curiosity, where are you located? I have access to a service called Keynote, which provides me with access points all over the place -- hundreds upon hundreds all over the globe -- to test this sort of issue from various backbones. It's possible I have an access point someplace close to you which might use the same routing -- outside of your ISP's network that is.
Cheers.
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Wow! That's pretty darn slick Daemonguy.

Cheers for that!
  • Daemonguy
  • Moderator
  • Web Master
  • User avatar
  • Posts: 2700
  • Loc: Somewhere outside the box in Sarasota, FL.

Post 3+ Months Ago

No worries. I have my moments, few and far between as they are. ;)
Cheers.
  • Rat
  • Guru
  • Guru
  • User avatar
  • Posts: 1190
  • Loc: desk

Post 3+ Months Ago

Dont worry bout it, I figured out the problem. It wasnt anything you suggested, but thanks for your help anyway.
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Say what? Rat -- no-way-no-how you are going to leave us in the dark. You have no idea how many people will Google this in the future and be left hanging by your last reply. (not to mention the people that tried to help wondering what the problem was) What was the problem? Sorry, but I just can't let you get away with that.
  • Daemonguy
  • Moderator
  • Web Master
  • User avatar
  • Posts: 2700
  • Loc: Somewhere outside the box in Sarasota, FL.

Post 3+ Months Ago

Amen. You can't spoon-feed us crumbs of information and expect us to make a cake out of it.
What was the deal?
Besides, I don't think anyone told you what the problem was, rather, everyone was offering methods of problem determination. :)
Technically speaking, anyway.
So what was it?
  • Rat
  • Guru
  • Guru
  • User avatar
  • Posts: 1190
  • Loc: desk

Post 3+ Months Ago

Lol, sorry guys. Someone used/hacked my PC ( or a computer on my LAN) and tried to brute force my server , flooding it with false requests way to many times with way to many false results. So the server banned all access too my IP. =/
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Well now, that's an answer I wasn't expecting. Thanks for the update!
  • Rat
  • Guru
  • Guru
  • User avatar
  • Posts: 1190
  • Loc: desk

Post 3+ Months Ago

Yea, its a little weird and maybe hard to understand, but thats the facts =/ . *kicks firewall*

Post Information

  • Total Posts in this topic: 21 posts
  • Users browsing this forum: No registered users and 58 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.