Ftp/sftp blacklist


#1

My sftp client suddenly stop connecting. When attempting to connect I get a message about algorithm mismatch. Attempting to login with ftp gives an authentication error. When I try the web-based net2ftp in the panel I get an authentication error.

DH support said my user accounts were in a blacklist file on the server. Typical of DH support, he did not know how my usernames got in the file. He cleared the names off the file and I was able to connect via ftp and net2ftp but not sftp.

Not surprisingly, a few hours later the problem appeared again, and I get the exact same messages when I attempt to connect. So I am restricted to using the shell. I have submitted another support ticket, but over 20 hours later I have no response.

What is this “blacklist?” How can a site owner’s username get placed in this file?

And most importantly, how the heck does anyone get a response from support? How do I get someone in support to find out why this has happened so that I can prevent it?


#2

I can’t speak for the particulars in your case, as I have not seen it, but generally speaking what you are describing can occur after “n” number of failed authentication attempts. This is a security feature designed to prevent brute force attacks.

It is not “typical” that the support representative would not know how your usernames got blacklisted, but it is typical that if it was a security related issue he/she may have declined to discuss the particulars of the issue with you until the matter had been looked into by members of our abuse/security team.

Often, the matter will be handled by these team members exclusively.

If this is/was the case, it may take longer for you to get a response as there are fewer people working on this team than are working on the general technical support team. While DreamHost endeavors to answer all support request within 24 hours, and is usually much faster that that, some things will need special attention and may take longer to address.

The answers to your final questions are that “your responses are sent via email” and “you submit a support request”.

As email is not perfect, you should check your support history (Support -> Support History) in the web panel to see if there is a response there that you did not receive (spam filer, failed MTA, etc.). All support contact regarding your account is archived there.

Support personnel will investigate every support request received. The amount of time it takes for them to respond to you depends on many things including, but not limited to, the number of pending support requests at any given time, the nature of your issue, and what research needs to be done to properly address it (as discussed briefly above).

If the standard goal of a response within 24 hours is not acceptable to you, you might consider adding the “call-back” option to your hosting plan.

–rlparker
–DreamHost Tech Support


#3

Thank you for the info, rlparker.

While we are on the subject of DH support, what is “typical” is that I get aggravatingly little information in email responses. It would have been very helpful if the response I received included the statement: “The blacklist file is a security feature. Security issues are handled by our security team. I will ask them to send you a more thorough response.”

All I got was: “I found that both your user accounts were in a blacklist file on the server, which was preventing these connections from happening. I looked around for a reason these accounts were blocked and could not find any, so I removed them from that file.”

So, I am left hanging, feeling that the problem is not fixed and not knowing if it was caused by me! The problem returns and 22 hours later I don’t know if it will ever be resolved.

My final question was a rhetorical expression of frustration. I know about Support History and I have experience with the call-back feature.

I understand your sanctimony in defending DH support, though I would rather you keep it to yourself and work to make DH support acceptable.


#4

As I said before, I have not seen your support request so I do not know if that would have been an appropriate response at all in your case. It might have been, and I agree that it is always better to get more information in a response than to receive less information.

My response to your message was not intended to be sanctimonious at all, and I was not trying to “defend” DH support. I perceived your post as a request for information and responded to it with what I thought might be helpful. Now that I clearly understand that it was more of a rhetorical rant, I’ll not make that mistake again. I will handle your posts differently in the future. :wink:

–rlparker
–DreamHost Tech Support