• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

HOSTBLIZZARD ► XenForo Web Hosting ► Starting at $1.83 ► cPanel / Instant Setup / Enterprise Quality

#21
Please feel free to contact me for testing our new 10Gbps DDoS protected platform. All websites and servers now include free DDoS protection!
 
#22
Fast signup...
quick access...
uploaded my landing page...
able to view site

however, I am not thrilled at the moment; no sooner
then I tried to log into cpanel, it appears my ip may
have been banned. I unable to view the page, unable
to login via domain url or IP address, ftp (no access)

I know the site is working as I am using tools to
verify if the site is online. This would not be the
first time this is happened, so I only imagine this
is the reason I am blocked from reaching anything.

I would suggest hosting providers would set some
thing up that will auto-whitelist a buyers IP. It
some-what defeats the purpose to have instant
signup, then ends up blocking the owner out....

I had access...
for 15min anyways...
now, page not available....
 
#23
@usAdultAds

Our web servers have various security features that could potentially work against you depending on the situation. We hope that by making you aware of some of these features we can prevent minor issues such as locking yourself out or getting blacklisted by our servers. On average we see more than 40 DDoS attacks daily, 99% of which are smaller than 10 Gbps, but are still able to disrupt a service that's unprotected. The 10 Gbps of DDoS protection has already been enabled on your account with us AND the following benefits:

1 - Failed Login Attempts:
If you are attempting to login to any server-side service (cPanel, FTP, WEB, EMAIL, etc) and have more than 5 failed login attempts within a relatively short period of time your IP will be blacklisted permanently.

The server will appear completely down for you (not others) if this happens since your IP will be blocked at the firewall. You must contact our support team to be unblocked.


2 - WordPress Logins:

We use rate-limiting on "/wp-login.php" which is the login page for users and admins for any WordPress installation. Too many requests in a short period to this page will be rate-limited, but not blacklisted. This greatly reduces brute-force attacks on WordPress installations. You will receive a page saying you are accessing the page too quickly. Chances are you will not see this page if you are a human.


3 - ModSecurity:

This is one of the most common ways to get blocked by our servers. From your cPanel you can disable ModSecurity on your website if you choose, however we do NOT recommend this. The protection ModSecurity provides is well worth the occasional false-positive. ModSecurity is a tool capable of real-time web application monitoring, logging, and access control. We use the OWASP ModSecurity Core Rule Set on our servers.

You can see full details about the protection ModSecurity provides here: http://go.cpanel.net/modsecurityowasp


4 - IP Blacklists:

Any network communication to or from any IP listed in any of the blacklists will be completely blocked at the firewall. Your home computer should not be on any of these lists. These blacklists greatly reduce the amount of malicious visitors, bot-nets, spammers, TOR exit nodes, and more.

We utilize the following IP BLOCK lists on our client web-servers:

  • Spamhaus Don't Route Or Peer List (DROP)
  • Spamhaus Extended DROP List (EDROP)
  • DShield.org Recommended Block List
  • TOR Exit Nodes List
  • Alternative TOR Exit Nodes List
  • BOGON list
  • Project Honey Pot Directory of Dictionary Attacker IPs
  • C.I. Army Malicious IP List
  • BruteForceBlocker IP List
  • OpenBL.org 30 day List
  • Autoshun Shun List

Everything is logged!

There are many other security tweaks to our environment on the server, firewall, PHP, MySQL, etc that we simply can't go into full detail about. If you are having connectivity issues to our servers it's best you contact our support department for further assistance.


If you have any questions or concerns, please let us know!
 
#24
hi,

then your logs will show that I never even made a login attempt...
I was booted no sooner then I got too a page that would not
allow me to even see the login page...

anyways, after being locked out for several hours,
it appears to be rolling again...

Ive lost my concentration now...

all is good, no worries...
 
#25
Correction: I said in the original post that "i tried to login" that statement was
incorrect as I never actually made it past the https page, it blocked me at that point.
for whatever reason, I am not sure, it is your security... :)

In fact, this is what it said:

Your connection is not private
Attackers might be trying to steal your information from xx.xx.xxx.xxx (for example, passwords, messages, or credit cards).

NET::ERR_CERT_COMMON_NAME_INVALID


Why it blocked me here I dunno, but now I can
see the advanced option where I can continue, but
the first time, i imagine it just banned my IP for
no reason that I can think of, i dunno...
 
#29
SUMMER SALE 2016 - 30% OFF EVERYTHING until July 31, 2016. Use code "SUMMER2016" during checkout!
 
Last edited: