Sometimes you find the website hosted with us inaccessible, and there is no update on our Status page considering the server issues.
More than that, you are not able to access cPanel and webmail. The links http://serverIP/cpanel and http://cpanel.domain.com are receiving the error Server connection timed out. What is happening? Most likely, your external IP address was blocked by Firewall.
Firewall is a set of devices designed to protect networks from unauthorized access while permitting legitimate communications to pass. Due to security reasons, we have installed Firewall on our servers, too.
Automatic firewall blocks are created for certain external IP address from which unauthorized access attempts were noticed by Firewall monitoring program. In case of 20 failed login attempts from your IP-address it gets temporarily blocked for 10 minutes. If more failed login attempts are detected during this period IP gets blocked permanently. If server detects 15 failed login attempts from different IP addresses this account will be temporarily locked for 5 minutes.
So, if you find yourself not being able to connect to the website, cPanel and webmail from a certain computer, most likely you have triggered the Firewall rules. Please contact our Support and we will gladly unlock your IP.
What can be the reason of the IP being blocked and how to avoid it?
- Exceeding number of failed cPanel login attempts
When you were not able to login to cPanel from the first time, please do not try to do it as many times as possible. Once you have used the incorrect login details 20 times in 300 seconds, the IP gets blocked. To avoid that, please check your login details in a Welcome Email Guide that was sent to the email account, associated with the hosting package. Otherwise, feel free to ask for the cPanel password reset via our Support
Note: you can use Roboform and Lastpass web-browser addons to keep your login details safe and secure and not to have to type and remember them.
- Failed POP3/IMAP/SMTP or Webmail login
Apart from cPanel login protection, Firewall also prevents unauthorized access to mail service.
1. Block due to webmail failed login attempts
If you were having issues with logging into webmail and, as result both cPanel and webmail are no longer available, most likely you have triggered similar IP block for email access.
2. Block due to failed POP3/IMAP login attempts
If you start receiving errors/pop-up windows related to IMAP/POP3 failed authentication in your email client then it is possible that login credentials for email account are outdated/incorrect. Unfortunately, in this case email client will not stop trying to access mail server which may in time result in permanent IP-block as well.
3. Block due to failed SMTP login attempts
This kind of block occurs when SMTP authentication data is not valid so you can’t send email from email client (you can still have correct settings for incoming mail server and receive new emails without issues). Usual symptoms for such issue are the emails that do not leave “Outbox” or errors/pop-ups messages that notify about failed SMTP authentication. Make sure that SMTP login is your full email address and password is the same as for incoming mail server.
If you still can’t log in with old password consider resetting it once your IP address is unlocked, you can do it in the cPanel account on the Email accounts page:
- Incorrect email client settings
Email client settings may also cause IP block so if you are struggling with email client setup, it is better to delete not working email account from email client and start from scratch later.
NOTE: frequent POP3 queries to server can cause high general server load. In order to avoid this we have implemented the limit of 90 POP3 connections/per hour from single IP address for all shared users. Therefore, it is not recommended to set POP3 mail check interval lower than 5 minutes in order to avoid IP blocking.
- Failed FTP/SSH login
Make sure your FTP client is using correct login details and appropriate settings. Please make sure to use port 21 for FTP and 21098 for SFTP (SSH). Note that we enable SSH by users request. Therefore please contact us via Support requesting to enable SSH.
- Failed web page login
- PortScan activity
Port scan is an attack that sends client requests to a range of server port addresses on a host, with the goal of finding an active port and exploiting a known vulnerability of that service. To avoid that, please make sure your cleints are set without permanent tries to scan server's ports. Reduce timeout intervals on all FTP and mail clients in your network. If there are many users in your network, and all of them are accessing the Internet from external IP address, make sure they do not reconnect with FTP or mail clients frequently. Connection requests coming from one IP can trigger the firewall to block the IP. You can modify FileZilla's max concurrent connections for every site you connect to the following way:
1. Start up the FTP program FileZilla, and then go to Edit and then Settings
2. Under the left sidebar menu on the Settings window, you should see a Transfers option. Click it.
3. Under Concurrent transfers, you have the label, "Maximum simultaneous transfers:", then a text box with a numeric value in it. Make sure that number is 3 or less. It is recommended to keep this value at 1 if possible, because little difference is often seen and having multiple connections would slow down your uploads in the long run. If the value is more than 3, you risk being blocked.
4. Hit the button labeled, "OK" and then exit out of FileZilla and start it up again for the changes to go in effect:
To change the max number of concurrent FTP connections on a per-site basis, you need to go to File, and then Site Manager. Click on the saved web site you wish to edit, then click on the "Transfer Settings" tab. Change the value in the text box listed there to 3 or less, hit the button labeled, "OK" then disconnect and restart FileZilla for the changes to go in effect.