Nick Howitt wrote:
Disabling the port in the Incoming Firewall only disables it to the External interfaces. It should still work on any LAN interfaces (but not HotLAN). Are you by any chance in Standalone with Firewall mode? If you are, closing the Incoming firewall would disable SSH access.
Yep... I am running ClearOS in Standalone with firewall mode. Also, you are right about SSH Access. Now, it looks like everything is working as it should. I believe this issue was brought up, because I cleared the log. There must've been one too many to begin with and Attack Detector app also was posting events at the same time event.db was cleared. Hopefully, this won't happen again.
I ran your commands. First, I enabled port 22 like you said and followed by other commands relating to clearsync. Now, it let me login to WebConfig, although it is still sort of sluggish.
Now, how do I disable port 22 using the same terminal command? Even though I enabled port 22 through terminal command, it wasn't reflected in the WebConfig under Firewall -> Incoming firewall. It still said port 22 disabled.
I want to put everything back to the way it was before.
Thank you for all the help, Nick.
When I was able to login through webconfig, I always disabled port 22 by clicking firewall -> incoming connection... there, I disabled it by click disable button. I do that right after completing my tasks before I logout of the system for safety reason.
Yes, I can't get to it from LAN. Also, tried it at the Computer System by selecting start terminal in graphical interface option or mode. It brought WebConfig login page. So, I tried to login as root and still it just sat there for over 10 minutes. At that point, I restarted the computer system.
Let me run the commands you suggested and will let you know how it goes.
Since I can't log into webconfig and SSH port 22 is disabled, the only option I have is hooking up a monitor, keyboard and mouse at the ClearOS Webserver computer system. So, that's what I did. I was able to login as root and get into the system's files and folders. Is there anything I can do with this setup?
How do you enable or open ports that are disabled or closed under firewall? My port 22 is disabled. I need to enable it.
You know at the top right hand corner there is a drop down button (Screwdriver). It had round red dot with a message 3,300 login attempt fails. I never cared to do anything about it until last week. I simply clicked on the red dot and one of the option it had was Clear logs or something like that. I clicked on it. Then, it took me to a page where I can select what actions to take. One of that was "CLEAR LOG." I check marked it and clicked on run command. That's when it popped up with a warning message and requested me to CONFIRM my action.
This log is not for Attack Detector. This log is for the whole ClearOS.
I am running ClearOS ( I wish I can tell what version it is. Probably close to the latest version ) for our website and email. I have been running ClearOS successfully although it sometimes hung up on running clamscan. Recently I have noticed that our server is being attacked a lot through SSH or through DDOS. So, I recently installed an App called Attack Detector through WebConfig and while I was at it I also decided to clear out all them 3,300 failed login attempt by hackers or attackers. Well, when I initiated the command by clicking on clear log, ClearOS threw up a message box saying that what I am about to do can have negative effect and that the administrator has taken all the necessary step to avoid any issues or something along that line. I don't exactly remember the message. It was like 20 sentences long paragraph. Anyways, I thought to myself, "I am only clearing out the log, What can go wrong." Well, as soon as I clicked on the confirm button, there was a pause or clearos webconfig froze for about a minute and followed by completely freezing up. Even though I was able to click on other options, ClearOS webconfig completely did not respond. Then, I decided to logout and log back into WebConfig. Once I logged out, I have NOT been able to log back in at all since last week. Apparently, ClearOS WebConfig is checking my login credentials. When I enter a wrong passcode, it returns with login failed within 10 seconds. If I enter the correct user and passcode, it just sits there spinning the wheel forever and sometime it times out.
So, What have I done so far? I shutdown and rebooted our computer system running ClearOS and that didn't fix my issue. I rebooted the Internet router or modem and rebooted ClearOS system and that didn't help either. I am at a loss as to how to fix this issue. The last thing to do would be to get into the system using SSH. However, we always disable SSH port when we are done with whatever we are doing on the server before logging out for safety reason. That means I can't even log into SSH on a terminal. The odd thing about this ordeal is that our website works and email server works NO PROBLEM. We can access our website and it responds with no delay. Our Email server works as well; we can send and receive emails.
I am very STUCK. I hope someone could help me or give me hints as to resolve this issue on our ClearOS server.
Hi iSparky System
Thank you for your reply. I did pretty much everything you have listed including dkim successfully. Now, our sent emails go into inbox of our recipient not in their junk or spam folder.
Nicks and your post will definitely help others as well.
Thank you for your reply. I did look into /etc/postfix/main.cf and I don't see smtp_tls_security_level option in the file. However, I do see smtp_use_tls option set yes. Can I add this option in the main.cf file just like you have? Just wondering. Thanks.