I get a ‘Server Connectivity’ error in Google Webmaster Tools. I suspect it is because of iptables rules that I’ve set to counter some DDoS attacks, though I’m not sure which rules could be relevant. It may also help to know that I use a Varnish/nginx combo as the web server and a standard robots.txt.
Here are the iptables rules:

Chain INPUT (policy ACCEPT)
target        prot opt source    destination
fail2ban-ssh  tcp  --  anywhere  anywhere     multiport dports ssh
DROP          udp  --  anywhere  anywhere     udp dpt:fsp
DROP          tcp  --  anywhere  anywhere     tcp flags:!FIN,SYN,RST,ACK/SYN state NEW
DROP          all  -f  anywhere  anywhere
DROP          tcp  --  anywhere  anywhere     tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
DROP          udp  --  anywhere  anywhere     udp dpt:54243
DROP          udp  --  anywhere  anywhere     udp dpt:53331
DROP          udp  --  anywhere  anywhere     udp dpt:19147
ACCEPT        tcp  --  anywhere  anywhere     state NEW tcp dpt:11211

Chain FORWARD (policy ACCEPT)
target        prot opt source    destination

Chain OUTPUT (policy ACCEPT)
target        prot opt source    destination
I appreciate your hints to resolve this.
You’re really letting the whole world access your memcached?! And for that matter practically everything else, since you’re only dropping traffic on a few ports.
I would suggest you drop that entire configuration and generate a fresh one using a tool such as system-config-firewall-tui (CentOS 6) or shorewall (any distribution).
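The following is an added example, not part of the original thread: a small Python check that walks the posted `iptables -L` listing and reports what happens to an ordinary new connection on a given port. The function names are hypothetical, and it assumes the `fail2ban-ssh` chain (whose contents are not shown) returns for sources that are not banned and that `ssh` and `fsp` map to ports 22 and 21.

```python
import re

# Listing as posted in the question (header rows of the empty chains omitted).
LISTING = """\
Chain INPUT (policy ACCEPT)
target  prot opt source  destination
fail2ban-ssh  tcp  --  anywhere  anywhere  multiport dports ssh
DROP  udp  --  anywhere  anywhere  udp dpt:fsp
DROP  tcp  --  anywhere  anywhere  tcp flags:!FIN,SYN,RST,ACK/SYN state NEW
DROP  all  -f  anywhere  anywhere
DROP  tcp  --  anywhere  anywhere  tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
DROP  udp  --  anywhere  anywhere  udp dpt:54243
DROP  udp  --  anywhere  anywhere  udp dpt:53331
DROP  udp  --  anywhere  anywhere  udp dpt:19147
ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpt:11211
Chain FORWARD (policy ACCEPT)
Chain OUTPUT (policy ACCEPT)
"""
SERVICES = {"ssh": 22, "fsp": 21}  # assumed mapping for names iptables prints

def parse(listing):
    """Return {chain: {"policy": str, "rules": [(target, proto, opt, match)]}}."""
    chains, cur = {}, None
    for line in listing.splitlines():
        m = re.match(r"Chain (\S+) \(policy (\S+)\)", line)
        if m:
            cur = chains.setdefault(m.group(1), {"policy": m.group(2), "rules": []})
        elif cur is not None and line.strip() and not line.startswith("target"):
            f = line.split(None, 5)
            cur["rules"].append((f[0], f[1], f[2], f[5] if len(f) > 5 else ""))
    return chains

def verdict(chains, proto, port):
    """Fate of a normal, unfragmented new connection from any source."""
    for target, rproto, opt, match in chains["INPUT"]["rules"]:
        if target not in ("ACCEPT", "DROP", "REJECT"):
            continue  # user chain (fail2ban-ssh): contents not in the listing
        if opt == "-f" or "flags:" in match:
            continue  # matches only fragments or abnormal TCP flag combinations
        if rproto not in ("all", proto):
            continue
        m = re.search(r"dpt:(\S+)", match)
        if m is None or str(SERVICES.get(m.group(1), m.group(1))) == str(port):
            return target, "rule"
    return chains["INPUT"]["policy"], "policy"

def exposed(chains, tcp_ports):
    """TCP ports from the given list that end in ACCEPT."""
    return [p for p in tcp_ports if verdict(chains, "tcp", p)[0] == "ACCEPT"]
```

Run against this listing, TCP 80 and 22 fall through to the chain's ACCEPT policy and 11211 is accepted by an explicit rule; only the listed UDP ports are dropped.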
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.