Jump to content

[Solved] I think I might have a blocked IP


halfercode

Recommended Posts

Hi there

 

 

I successfully logged onto the cPanel, but the SFTP seems to be denying me access. I tried this a few times, and got a "Too many authentication failures for halfer" in Filezilla (while connecting to johnny.heliohost.org:1373). Since then I have had trouble with cPanel on Jonny - either the login operation times out, or I get a "The login is invalid". It seems to be quite inconsistent in how it responds.

 

I have tried now around 15 times, so I expect I'm blocked. Also, I use a VPN as a matter of course, which may complicate things (I barely know it's there, but it gives me an exit IP usually somewhere in Europe).

 

If someone can give my account a kick, that would be most appreciated - I am keen to have a play. Thanks for setting up this project!

 

Link to comment
Share on other sites

The IP you're posting from isn't blocked. Try going to https://heliohost.org/login/ and logging in. If it's blocked, that will tell you the exact IP that's blocked on our end, and why it got blocked. Once we know that, I can unblock you.

 

Also, be aware that if you're on Johnny, he's down a lot due to load. Login failures due to load generally just show up as invalid logins (they time out), and you can resolve it by just trying again later. (You can see load history for your server here: http://heliohost.grd.net.pl/monitor/)

Link to comment
Share on other sites

OK, thanks wolstech. I just logged into https://heliohost.org/login/ which was fine, and from there hopped to cPanel via the automatic login link. Great! Must've been load issues before.

 

I'm still having issues with SFTP via SSH though, in FileZilla. I'm using username "halfer" to host "johnny.heliohost.org" and port "1373". I OKed a server cert fingerprint. I get logs like this:


Status:	Connecting to johnny.heliohost.org:1373...
Response:	fzSftp started, protocol_version=4
Command:	open "halfer@johnny.heliohost.org" 1373
Command:	Pass: ********************************
Error:	Server sent disconnect message
Error:	type 2 (protocol error):
Error:	"Too many authentication failures for halfer"
Error:	Could not connect to server
Status:	Waiting to retry...
Status:	Connecting to johnny.heliohost.org:1373...
Response:	fzSftp started, protocol_version=4
Command:	open "halfer@johnny.heliohost.org" 1373
Command:	Pass: ********************************
Error:	Server sent disconnect message
Error:	type 2 (protocol error):
Error:	"Too many authentication failures for halfer"
Error:	Could not connect to server
Status:	Disconnected from server
Status:	Connecting to johnny.heliohost.org:1373...
Response:	fzSftp started, protocol_version=4
Command:	open "halfer@johnny.heliohost.org" 1373
Command:	Pass: *****************************

Aha, I just revisited the Helionet panel, and got this:

 


The IP address 89.249.74.213 has been blocked for trying to log in to SFTP with the wrong password too many times. To prevent this from happening again in the future please make sure your username and password are saved correctly in your SFTP client. You won't be able to continue to cPanel until an admin unblocks you. To request that your IP be unblocked please visit [link]

 

Oops, and apologies. I pasted the password from my browser, so 99% sure it was right. Now cPanel isn't responding, presumably because of the block.

 

If you can unblock the IP, I will change my account password in cPanel, so I am 100% sure. Thanks!

 

(I wonder if my login failure count needs to be reset in the SSH server too?)

Edited by halfercode
Link to comment
Share on other sites

OK, that's unblocked (you may need to give it up to 10 minutes to take effect). You're correct that cPanel didn't work because of the block (when blocked, nothing on the server you're blocked from will work for you).

 

I'm not sure what's up with the SFTP...you're using the same username and password as cPanel correct? If so, it just might be load, but I'll move this so Krydos can double check for you.

Link to comment
Share on other sites

Thanks. It was unblocked for a while, and I was able to get back into the cPanel. However, no such luck on SFTP, where I got some errors:

Error:	GnuTLS error -15: An unexpected TLS packet was received.
Error:	Could not connect to server

I made a substantial effort to dig out my cPanel password and put it into Filezilla, and after a couple of errors, I am back to "Too many authentication failures for halfer". My password is 40 chars long, and has all sorts of brackets and quotes - I doubt that would be it, but hey-ho. I don't normally have these issues - I am a software engineer looking for some hosts to recommend to folks looking for simple hosting.

 

So, if you have further suggestions I am all ears, but no rush. It sounds like the servers are melting already, and they do not need more users :D

Link to comment
Share on other sites

My password is 40 chars long, and has all sorts of brackets and quotes - I doubt that would be it, but hey-ho. I don't normally have these issues - I am a software engineer looking for some hosts to recommend to folks looking for simple hosting.

 

So, if you have further suggestions I am all ears, but no rush. It sounds like the servers are melting already, and they do not need more users :D

Try changing your password to something <20 characters, no symbols. While there shouldn't be an issue, I did run into an issue a little while back on here that turned out to be caused by a password being too long. Also, be aware that the "additional accounts" options don't work with SFTP (you need to use plain unencrypted FTP on port 21 for these).

 

We also limit our usernames to 8 characters...(though this one there's no longer any reason for technically...it's a legacy thing from old cPanel versions).

Link to comment
Share on other sites

Try it with only your username: halfer instead of halfer@johnny.heliohost.org.

That's the internals of FileZilla, not me - the username I used here was "halfer". Maybe there's an options panel to determine how that is sent...

 

Try changing your password to something <20 characters, no symbols. While there shouldn't be an issue, I did run into an issue a little while back on here that turned out to be caused by a password being too long. Also, be aware that the "additional accounts" options don't work with SFTP (you need to use plain unencrypted FTP on port 21 for these).

I think that might be it. Here is my reasoning:

 

My hugely complex password works on the Helionet login, but if I try to use that to change the cPanel password, it is not recognised (I have copy+pasted it directly from the browser, so I know it is right). It looks like my complex (generated) 40-char password is OK for your company first system, and not for cPanel. They have thus come out of sync. At a guess, I could sit here and try reducing the password length to 39, 38, 37 chars and so forth, but it'd probably be better tracing the bug. We don't want to punish people for using good passwords :P

 

I assume the reason I can get into cPanel in the first place is that I use the seamless login device from the first system, and I have never actually used a password to get in.

 

It's not the additional account thing btw - I am using the main account so I can use SFTP.

 

If you would like to just delete the halfer user from your systems, let me know when that is done, and I'll post the password I used, if you would like to try debugging. I'll sign up again with a shorter password!

Link to comment
Share on other sites

Assuming what I can find from 2014 is still true with today's versions, cPanel's maximum on passwords is 18 characters, which would explain why your ridiculously long password won't work. Can you try changing the password to something 18 characters long and see if that one works correctly?

Link to comment
Share on other sites

Unfortunately I can't, since I need to know what cPanel thinks the password is in order to be allowed to change it. I have taken the first 18 characters of the working Helionet password, and it is still reported as wrong.

 

I don't specialise in infosec, but I've seen it in print that passwords should (these days at least) be allowed to go up to something large (128 chars) in order to avoid these sorts of truncation problems (or to avoid the worse situation of a user getting much less entropy than they think they are getting). But, cPanel is probably about ten years behind things :rolleyes:

 

If you can force a password change for both systems and then PM it to me, that'd be another way to solve it. I can change it again then (assuming changing it will sync it in both places). However, if cPanel is this fussy, then I think the other system needs to be fussy as well...

Edited by halfercode
Link to comment
Share on other sites

Please check the email address associated with your account for an email with a new password. I have verified that the password in that email is working on cPanel's login interface at https://johnny.heliohost.org:2083/ The other system should have updated as well because they both check against the password on the hosting server and thus can't be changed independently.

 

 

But, cPanel is probably about ten years behind things :rolleyes:

 

If you can force a password change for both systems and then PM it to me, that'd be another way to solve it. I can change it again then (assuming changing it will sync it in both places). However, if cPanel is this fussy, then I think the other system needs to be fussy as well...

I agree that our system should enforce the same requirements. I'll see if Krydos can do some additional testing and perhaps add a max password length check. You're only the second user in my 7 years to ever have a password that's too long though.

 

As for having a limit to begin with, yeah, cP is behind on quite a few things, and actually surprisingly up to date on others. The password limit I'm unsure why this exists (and oddly, the actual password was stored correctly because our system could verify it). The former username actually was a limitation of MySQL based on my reading...cPanel just enforced it so MySQL would work properly.

Edited by wolstech
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...