
Troubleshoot Firewall Rules on DirectAdmin

You may need to troubleshoot firewall rules on DirectAdmin if you are experiencing connectivity issues or are unable to access certain services or applications. This article will teach you how to troubleshoot firewall rules on DirectAdmin. If you intend to buy your own DirectAdmin VPS server, you can check the packages offered on the Eldernode website.

How to Troubleshoot Firewall Rules on DirectAdmin

DirectAdmin is a popular web hosting control panel that allows users to manage their web hosting accounts. It includes a built-in firewall that allows you to control the incoming and outgoing network traffic on your server. If you experience connectivity issues or cannot access certain services or programs, you should troubleshoot the firewall rules in DirectAdmin.

 


Named is Running but is not Responding to Requests

If named is running, that indicates your DNS settings are correct, so the usual cause of it not responding to requests is either a firewall or a setting in /etc/named.conf.

If you want to ensure that named is running and listening on all IPs, run the following command:

netstat -lnp | grep named

If you don’t see all IPs listed as bound to port 53, check /etc/named.conf for a setting relating to the word “bind” or “listen” to ensure named is not binding only to local IPs.

It is also possible that named is bound to all IPs but is instructed to respond only to local IPs. Check your /etc/named.conf to ensure the following is NOT set:

allow-query { localhost; };

Remove this setting if you find it, because it prevents external sources from querying your box. Likewise, remove the following lines if they are present:

listen-on port 53 { 127.0.0.1; };  
listen-on-v6 port 53 { ::1; };

If you don’t remove them, named will listen only on these IPs, regardless of which IPs it allows to query it.
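
The named.conf checks described above can be scripted. The following is an added example, not part of the original article; the function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): report named.conf statements
# that limit named to local clients only.

# Reads a named.conf on stdin and prints every allow-query / listen-on /
# listen-on-v6 statement whose address list holds nothing but localhost,
# 127.0.0.1 or ::1. Handles statements split over several lines and #, //
# comments; /* ... */ comments and nested { } lists are not handled.
restrictive_named_settings() {
    sed -e 's:#.*$::' -e 's://.*$::' |    # drop comments
    tr '\n\t' '  ' |                      # join the file into one line
    grep -oE '(allow-query|listen-on(-v6)?)([[:space:]][^{};]*)?\{[^}]*\}' |
    awk '{
        list = $0
        sub(/^[^{]*[{]/, "", list)        # keep only the text inside { }
        sub(/[}].*$/, "", list)
        n = split(list, addr, ";")
        loopback = 0; other = 0
        for (i = 1; i <= n; i++) {
            a = addr[i]; gsub(/ /, "", a)
            if (a == "") continue
            if (a == "localhost" || a == "127.0.0.1" || a == "::1") loopback++
            else other++
        }
        # Flag the statement only when every listed address is local
        if (loopback > 0 && other == 0) { gsub(/ +/, " "); print }
    }'
}

# Constructed sample input, not a real server configuration.
sample_named_conf() {
    cat <<'EOF'
options {
    directory "/var/named";
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    allow-query {            // split across lines
        localhost;
    };
    allow-transfer { 203.0.113.53; };   # not one of the checked options
    recursion no;
};
EOF
}

sample_named_conf | restrictive_named_settings
```

To check the live file, run `restrictive_named_settings < /etc/named.conf`; no output means none of the three statements is limited to local addresses.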

Now check that you don’t have a firewall blocking port 53. To test this, stop iptables by running the following command:

service iptables stop

Testing your DNS IPs

Invalid IPs set in the file /etc/resolv.conf can cause DNS lookup errors. The resolver starts at the first “nameserver” entry and moves down.

An example /etc/resolv.conf might look as shown below:

nameserver 8.8.8.8
nameserver 8.8.4.4

Remember that you may have IPs assigned by your data center to use their name servers.

You can test the lookup of the A record of the google.com domain against a specific DNS IP, 8.8.8.8, by running the following command:

dig A google.com @8.8.8.8

The value you want is the IP under the ;; ANSWER SECTION:

– A lookup can return many results, all of which should be displayed if the domain resolves to more than one place.

– If a **blank IP** is displayed in the result, it means that the name server is responding, but the desired domain is not on that server and recursive queries are disabled.

– If you can’t connect at all, you should check that “named” is running. This can also be caused by port 53 not being open for both TCP and UDP in your firewall. To explicitly test TCP or UDP, add the option +tcp or +notcp respectively. Lookups usually use UDP if not specified.

That’s it!


Conclusion

In this article, we taught you how to troubleshoot firewall rules on DirectAdmin. I hope this tutorial was useful for you and that it helps you to troubleshoot firewall rules on the DirectAdmin VPS server. If you have any questions or suggestions, you can contact us in the Comments section.

Tom Veitch
Eldernode Writer