PDA

View Full Version : IP of 127.0.0.1 banned

anewday
11-10-2008, 11:15 PM
I think this made litespeed fail and cpanel automatically restart it.

email from cpanel
httpd failed @ Mon Nov 10 23:32:03 2008. A restart was attempted automagically.

Failure Reason: Service check failed to completehttpd: [ != HTTP/1..]

error_log
2008-11-10 23:25:37.119 NOTICE [127.0.0.1] Reached per client connection hard limit: 60, close connection!
2008-11-10 23:32:05.655 NOTICE Server Restart Request via Signal...
Just minutes before httpd failed. I checked the access log and it seems that someone spoofed that IP.

I think you should hard code the IP of 127.0.0.1 exempt from being banned by litespeed.
mistwang
11-11-2008, 09:38 AM
Make 127.0.0.1 a trusted IP.

http://www.litespeedtech.com/docs/webserver/config/security/#accessControl_allow
anewday
11-11-2008, 09:58 AM
Yes, I thought of that afterwards. But, I think you should include it by default in the later versions. It only makes sense. ;)

Is this fine to exclude 127.0.0.1 from connection/throttling limits?

Allowed List

ALL
127.0.0.*T
mistwang
11-11-2008, 10:03 AM
It is not safe, as some one may be able to initiate an attack from localhost.
anewday
11-11-2008, 10:04 AM
Will litespeed continue to function if it blocks 127.0.0.1 ?
mistwang
11-11-2008, 10:14 AM
Yes, it should work.
cPanel should not try to establish 60 connections at once though.
anewday
11-11-2008, 10:24 AM
It's not cpanel, I think it's a legitimate person using a proxy server. The cpanel monitoring restarted httpd automatically as I set it to enabled in the Service Manager.