Comment on Godaddy VPS by SEO Gold Coast Services.

I’m having this issue with a new Centos 7 VPS and looks like it’s to do with the OpenVZ container.

The server starts with all ports except 22 and 80 closed and iptables enabled, but NOT active because the default iptables file (/etc/sysconfig/iptables/) fails on line 14 (the commit line). This is the entire file:

# sample configuration for iptables service
# you can edit this manually or use system-config-firewall
# please do not ask us to add additional ports/services to this default configuration
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
there's a blank line here

The COMMIT line is line 14, but I’ve tried adding commit between each rule (after each -A INPUT” rule) and it fails at the first rule.

Can only get iptables to run via the “service iptables save” command which results in iptables running, but no rules saved.

# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT

The weird thing is ports 22 and 80 are open even when iptables is disabled at boot or has no rules.

I’ve tried disabling iptables and rebooting and ports 22 and 80 are still open, everything else blocked.

Firewalld wasn’t installed, after disabling iptables and installing firewalld

# sudo firewall-cmd --state
not running

and

# firewall-cmd --set-default-zone=public
Warning: ZONE_ALREADY_SET: public
success

and

# sudo systemctl status firewalld -l
� firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2016-12-30 17:49:36 UTC; 14min ago
Docs: man:firewalld(1)
Main PID: 698 (firewalld)
CGroup: /system.slice/firewalld.service
��698 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Dec 30 17:49:36 s######.secureserver.net firewalld[698]: WARNING: ipset not usable, disabling ipset usage in firewall.
Dec 30 17:49:36 s######..secureserver.net firewalld[698]: WARNING: ip6tables not usable, disabling IPv6 firewall.
Dec 30 17:49:36 s######..secureserver.net firewalld[698]: WARNING: '/usr/sbin/iptables-restore -n' failed:
Dec 30 17:49:36 s######..secureserver.net firewalld[698]: WARNING: '/usr/sbin/ebtables-restore --noflush' failed:
Dec 30 17:49:36 s######..secureserver.net firewalld[698]: ERROR: COMMAND_FAILED
Dec 30 17:50:41 s######..secureserver.net firewalld[698]: ERROR: ZONE_ALREADY_SET: public

The "sudo ifconfig" command outputs "sudo: ifconfig: command not found"

At this point I’m stuck.

I know iptables isn’t working as it should and firewalld when installed says it’s not running.

To confuse things even further I’m trying to install Virtualmin and it installs and opens ports for MYSQL and Usermin (port 20000), but fails to open other ports for Webmin (10000), POP3, FTP…

Godaddy support are useless, they don’t appear to understand the concept that the server is starting with a fault in the iptables setup.

What I’d really like to know is how ports 22 and 80 are open when iptables and firewalld aren’t enabled? Is there another firewall built into Godaddy servers by default???

There’s also some info about the iptables issue at https://www.centos.org/forums/viewtopic.php?f=51&t=54469

David Law

More Comments on Godaddy VPS by SEO Gold Coast Services


Installing Virtualmin Centos 7

Installing Virtualmin On Centos 7 with Iptables/Ip6tables Disabled

Finally figured it out.

Still haven’t a clue how the ports are opening etc… with iptables/ip6tables disabled (masked) in Centos 7, but I got …


Godaddy Open Ports

How to Open Ports on a Godaddy VPS Server Running Centos 7 OpenVZ

I think the new Godaddy VPS hates me.

Figured out why iptables was throwing out an error on line …


More Comments by SEO Gold Coast Services


Mass Unfollowing Thousands of Twitter Accounts

In my experience there’s very little if any risk in mass unfollowing.

I have Twitter accounts with tens of thousands of followers and tend to mass unfollow on an irregular basis …


Let’s Encrypt 302 Redirects HTTP to HTTPS

I’m glad you asked this question, I’d not realised there was an error in my VPS server setup!

I recently moved to a new VPS server and there was a new …


Google Defamation Process

Most likely Google alone.

Google trusts what they are told via the defamation reports, there doesn’t appear to be any detailed checking on Google’s part!

So if someone makes a credible defamation …


Google Mobile Usability Test

SEO tools like SEOptimer are generally not very good, they are built by programmers who are human and they make mistakes, so I’d take the SEOptimer Usability Device Rendering F …


Twitter Permanent Suspension

When you said “I apply most of the tricks talked about in this article” does that mean you are following at least 400 Twitter accounts everyday and unfollowing them all …


Camping World Biloxi

This is a Camping World Biloxi SEO test.

The Camping World Biloxi Google search phrase sees around 1,900 searches a month, a number 1 Google listing for Camping World Biloxi would …


Revolution Slider JS Bloated

All because I avoid using flashy JS features via plugins like Slider Revolution to maximise pagespeed does not mean I don’t know how to use flashy Javascript features whilst minimising …


GTmetrix Website Speed Test Location

Regarding GTmetrix speed testing you have to take into account hosting location when comparing 2 websites targeting different countries.

My SEO Gold site which mostly targets the UK market is hosted …