I locked SSH / FTP / VESTA from all connections using Firewall, misconfigured

Posted: Sun Jul 02, 2017 4:32 pm
by wtfowned
I had firewall rules which allowed connecting to the server only from my IP:

RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16'
RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='MY_LOCAL_IP' COMMENT='VESTA' SUSPENDED='no' TIME='00:50:57' DATE='2017-05-26'
RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='127.0.0.1' COMMENT='DB' SUSPENDED='no' TIME='03:11:45' DATE='2017-05-29'
RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='127.0.0.1' COMMENT='IMAP' SUSPENDED='no' TIME='00:52:14' DATE='2017-05-26'
RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='127.0.0.1' COMMENT='POP3' SUSPENDED='no' TIME='00:52:00' DATE='2017-05-26'
RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='127.0.0.1' COMMENT='SMTP' SUSPENDED='no' TIME='00:51:46' DATE='2017-05-26'
RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='MY_LOCAL_IP' COMMENT='FTP' SUSPENDED='no' TIME='00:49:36' DATE='2017-05-26'
RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24'
RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='MY_LOCAL_IP' COMMENT='SSH' SUSPENDED='no' TIME='00:49:25' DATE='2017-05-26'
Then I suspended 3 of them from the Vesta Firewall tab:

RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='MY_LOCAL_IP' COMMENT='VESTA' SUSPENDED='yes' TIME='00:50:57' DATE='2017-05-26'
RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='MY_LOCAL_IP' COMMENT='FTP' SUSPENDED='yes' TIME='00:49:36' DATE='2017-05-26'
RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='MY_LOCAL_IP' COMMENT='SSH' SUSPENDED='yes' TIME='00:49:25' DATE='2017-05-26'
And after that I can't connect to my server from anywhere! I'm using OVH, so I started Rescue mode and fixed the config to its previous data, but after reboot it still doesn't work. Also I tried to switch MY_LOCAL_IP to 0.0.0.0/0 and it also doesn't work. What am I going to do?

The file which I fixed in rescue mode is:
/usr/local/vesta/data/firewall/rules.conf

I've rebooted the server several times, but still nothing happened.
MySQL / Apache / nginx work properly, all sites work, but I can't connect to my own server :((

Re: I locked SSH / FTP / VESTA from all connections using Firewall, misconfigured

Posted: Mon Jul 03, 2017 11:49 am
by Trentor
You could turn off your firewall from the OVH rescue mode. If you are using systemd, delete the file "your.firewall.service" from /etc/systemd/...

Then, reboot your server and reconfigure the firewall and turn it on again (systemctl enable your.firewall.service).
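
Before the firewall is turned back on, the rules file can be checked offline from rescue mode for management ports left without an active ACCEPT rule. The script below is an added example, not part of the original posts or Vesta's own code; it assumes a rule with SUSPENDED='yes' is not applied and unmatched traffic is dropped, and the sample rules and the address 203.0.113.7 are constructed.

```python
import shlex
import sys

# Constructed sample in the rules.conf format quoted in the first post;
# 203.0.113.7 is a documentation address standing in for MY_LOCAL_IP.
SAMPLE = """\
RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='203.0.113.7' COMMENT='VESTA' SUSPENDED='yes'
RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='203.0.113.7' COMMENT='FTP' SUSPENDED='yes'
RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no'
RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='203.0.113.7' COMMENT='SSH' SUSPENDED='yes'
"""

# Ports whose loss locks the administrator out (the three in the thread title).
MGMT_PORTS = {"SSH": 22, "FTP": 21, "VESTA": 8083}

def parse_rules(text):
    """Turn each KEY='value' line into a dict; shlex handles the quoting."""
    return [dict(tok.split("=", 1) for tok in shlex.split(line))
            for line in text.splitlines() if line.strip()]

def covers(port_spec, port):
    """True if a PORT field such as '21,12000-12100' includes the port."""
    for part in port_spec.split(","):
        lo, _, hi = part.partition("-")
        if int(lo) <= port <= int(hi or lo):
            return True
    return False

def reachable_from(rules, port, proto="TCP"):
    """Source addresses that an active ACCEPT rule admits to the port."""
    return [r["IP"] for r in rules
            if r["ACTION"] == "ACCEPT" and r["SUSPENDED"] == "no"
            and r["PROTOCOL"] == proto and covers(r["PORT"], port)]

def lockout_report(text):
    """Map each management service to the sources still allowed in."""
    rules = parse_rules(text)
    return {name: reachable_from(rules, port)
            for name, port in MGMT_PORTS.items()}

if __name__ == "__main__":
    # Pass the path to rules.conf as the first argument, else use SAMPLE.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for name, sources in lockout_report(text).items():
        status = "allowed from " + ", ".join(sources) if sources else "NO ACTIVE ACCEPT RULE"
        print(f"{name}: {status}")
```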