We are using ConfigServer Security & Firewall (csf) on server and we load the "STOPFORUMSPAM" with csf.blocklists
Since one week we have slow/strange/random issue with resolving domains:
Code: Select all
(XID 5mjkwh) The system failed to send an <abbr title="Hypertext Transfer Protocol">HTTP</abbr> “GET” request to “https://verify.cpanel.net/ipaddrs.cgi?ip=X.X.X.X” because of an error: Could not connect to 'verify.cpanel.net:443': Name or service not known at /usr/local/cpanel/Cpanel/HTTP/Client.pm line 107
Code: Select all
[root@YYYY ~]$ dig google.com
; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.2 <<>> google.com
;; global options: +cmd
;; connection timed out; no servers could be reached
Code: Select all
[root@YYYYY ~]$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
347 packets transmitted, 0 received, 100% packet loss, time 345999ms
https://i.imgur.com/aiOQiiRl.png ---> You can view it !
For you information we use multiple resolver in /etc/resolv.conf but the first one is Google/8.8.8.8:
Code: Select all
[root@YYYY ~]# cat /etc/resolv.conf
options single-request-reopen
; generated by /usr/sbin/dhclient-script
search openstacklocal
nameserver 8.8.8.8
nameserver XXXXXXX
nameserver XXXXXXX
Code: Select all
16-Sep-19 22:09 8.8.8.8 test2 hello@domain.com 3-Sep-19 09:15
3-Sep-19 09:15 8.8.8.8 aiolblkfadiao02 aiolblkfadiao02@outlook.com
Why not ?
Include /etc/csf/open-resolver.allow
Code: Select all
// Google - Google INC. US
8.8.8.8
8.8.4.4
// LEVEL3 - level 3 Communications, INC .US
4.2.2.1
4.2.2.2
4.2.2.3
4.2.2.4
4.2.2.5
4.2.2.6
// DNS Advantage
156.154.71.1
156.154.70.1
// CloudFlare
1.1.1.1
1.0.0.1
// Norton ConnectSafe
199.85.126.10
199.85.127.10"
