Root Login to WebMin Fails

katir · March 30, 2013, 4:22am

Error - Access denied for 67.52.81.242. The host has been blocked because of too many authentication failures.

is what I’m getting in the browser…(that’s my IP here on the outgoing firewall/gateway for “varuna.hindu.org”

Yep: some odd errors … I think it is something my guy did about security…

[29/Mar/2013:18:43:58 -0700] [67.52.81.242] Bad Request : This web server is running in SSL mode. Try the URL https://64.151.71.252.servepath.com:10000/ instead.

but seems I need to unblock our IP here… but I don’t see any DROP for our domain in the iptables which look like this (we are varuna.hindu.org here)


[root@sat webmin]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ftp-data 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ftp 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:8333 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pcsync-http 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp-data 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh 
DROP       all  --  anywhere             anywhere            state INVALID 
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     icmp --  anywhere             anywhere            
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:webcache 
ACCEPT     tcp  --  varuna.hindu.org     anywhere            tcp dpt:smtp 
ACCEPT     tcp  --  gateway2.hindu.org   anywhere            tcp dpt:smtp 
ACCEPT     tcp  --  varuna.hindu.org     anywhere            tcp dpt:ftp 
ACCEPT     tcp  --  gateway2.hindu.org   anywhere            tcp dpt:ftp 
ACCEPT     tcp  --  varuna.hindu.org     anywhere            tcp dpt:submission 
ACCEPT     tcp  --  gateway2.hindu.org   anywhere            tcp dpt:submission 
ACCEPT     tcp  --  varuna.hindu.org     anywhere            tcp dpt:ndmp 
ACCEPT     tcp  --  gateway2.hindu.org   anywhere            tcp dpt:ndmp 
ACCEPT     tcp  --  cdm-75-109-138-39.asbnva.dh.suddenlink.net  anywhere            tcp dpt:ndmp 
ACCEPT     tcp  --  varuna.hindu.org     anywhere            tcp dpt:dnp 
ACCEPT     tcp  --  gateway2.hindu.org   anywhere            tcp dpt:dnp 
ACCEPT     tcp  --  varuna.hindu.org     anywhere            tcp dpt:postgres 
ACCEPT     tcp  --  gateway2.hindu.org   anywhere            tcp dpt:postgres 
ACCEPT     tcp  --  varuna.hindu.org     anywhere            tcp dpt:mysql 
ACCEPT     tcp  --  gateway2.hindu.org   anywhere            tcp dpt:mysql 
ACCEPT     tcp  --  c-174-59-203-162.hsd1.pa.comcast.net  anywhere            tcp dpt:ssh 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:30000 
DROP       tcp  --  anywhere             anywhere            tcp dpts:tcpmux:65535 
DROP       udp  --  anywhere             anywhere            udp dpts:tcpmux:65535 
ACCEPT     all  --  anywhere             anywhere            
Chain FORWARD (policy ACCEPT)

target     prot opt source               destination
Chain OUTPUT (policy ACCEPT)

target     prot opt source               destination

note we have two gateways on our firewall here that broadcast themselves as varuna.hindu.org and gateway2.hindu.org

But I’m no expert at reading IPtables… maybe we are blocked…