Sorry, 185.25.117.62 has been banned

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: issar.com.ua

I ran this command: in brouser

It produced this output: Sorry, 185.25.117.62 has been banned.

My web server is (include version): apache 2

The operating system my web server runs on is (include version): ubuntu 18.04

My hosting provider, if applicable, is: https://www.ukraine.com.ua/

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): vestacp

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): i dont no

Can you explain how what you're trying to do is related to Let's Encrypt? Are you the administrator of that web site, or are you just trying to visit it as a user?

I need help. i have a problem with ssl

That is not a Let's Encrypt issue.

$ curl issar.com.ua ; echo
Sorry, 185.25.117.62 has been banned.

And with Windows 10 Firefox 108.0.1 (64-bit)

You also have a problem without SSL.

I can't figure out what to do with this. vesta issued certificates and i got this

Also not seeing consistent results with nmap
First run I see 443/tcp open https the second run I do not.

$ nmap issar.com.ua
Starting Nmap 7.80 ( https://nmap.org ) at 2023-01-04 17:04 UTC
Nmap scan report for issar.com.ua (185.25.117.62)
Host is up (0.20s latency).
rDNS record for 185.25.117.62: vps-42333.vps-default-host.net
Not shown: 980 closed ports
PORT     STATE    SERVICE
21/tcp   open     ftp
22/tcp   open     ssh
25/tcp   filtered smtp
53/tcp   open     domain
80/tcp   open     http
110/tcp  open     pop3
135/tcp  filtered msrpc
139/tcp  filtered netbios-ssn
143/tcp  open     imap
443/tcp  open     https
445/tcp  filtered microsoft-ds
465/tcp  open     smtps
587/tcp  open     submission
993/tcp  open     imaps
995/tcp  open     pop3s
2525/tcp open     ms-v-worlds
3306/tcp open     mysql
8080/tcp open     http-proxy
8083/tcp open     us-srv
8443/tcp open     https-alt

Nmap done: 1 IP address (1 host up) scanned in 22.31 seconds

$ nmap issar.com.ua
Starting Nmap 7.80 ( https://nmap.org ) at 2023-01-04 17:07 UTC
Nmap scan report for issar.com.ua (185.25.117.62)
Host is up (0.19s latency).
rDNS record for 185.25.117.62: vps-42333.vps-default-host.net
Not shown: 981 closed ports
PORT     STATE    SERVICE
21/tcp   open     ftp
22/tcp   open     ssh
25/tcp   filtered smtp
53/tcp   open     domain
80/tcp   open     http
110/tcp  open     pop3
135/tcp  filtered msrpc
139/tcp  filtered netbios-ssn
143/tcp  open     imap
445/tcp  filtered microsoft-ds
465/tcp  open     smtps
587/tcp  open     submission
993/tcp  open     imaps
995/tcp  open     pop3s
2525/tcp open     ms-v-worlds
3306/tcp open     mysql
8080/tcp open     http-proxy
8083/tcp open     us-srv
8443/tcp open     https-alt

Nmap done: 1 IP address (1 host up) scanned in 17.37 seconds

I'm wondering where that exact "..has been banned" error comes from? Because I can visit your site perfectly with a "Coming Soon" title. Looks like a VestaCP placeholder.

Also, the IP address 185.25.117.62 is the IP address from your site. So it looks like that someting else is blocking access to your own site, perhaps your internet service provider?

However, I'm puzzled why @Bruce5051 would also see that "has been banned" error message.. Weird.

In any case, it does not have anything to do with TLS nor with Let's Encrypt I'm afraid. Perhaps ask the hosting provider of your website?

I fully agree this is a problem with their configuration and not Let's Encrypt

I can also see their site just fine from my own test server.

And, an SSL Checker (link here) sees it just fine and shows a valid cert from today

A Let's Debug test (link here) also worked.

But, SSL Labs cannot connect to it at all (link here)

It looks like some active firewall or adaptive DDoS protection system given some of what Bruce observed (inconsistent results).

I've just rammed "Reload" on https://issar.com.ua/ in my browser for a many few times fast, but it's not blocking me?

FYI - I had http://issar.com.ua/ not https when I check.

Maybe it didn't like Bruce's port probes? In any event, I think we all agree this is a comms or security issue setup on their own equipment

Same result.

Lemme NMap the ()#*$() out of it then -> NMapped multiple methods, but everything same result and no ban.

Fully agree

And now I get with curl

$ curl issar.com.ua
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head>
    <title>issar.com.ua &mdash; Coming Soon</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
    <meta name="description" content="This is a default index page for a new domain."/>
    <style type="text/css">
        body {font-size:10px; color:#777777; font-family:arial; text-align:center;}
        h1 {font-size:64px; color:#555555; margin: 70px 0 50px 0;}
        p {width:320px; text-align:center; margin-left:auto;margin-right:auto; margin-top: 30px }
        div {width:320px; text-align:center; margin-left:auto;margin-right:auto;}
        a:link {color: #34536A;}
        a:visited {color: #34536A;}
        a:active {color: #34536A;}
        a:hover {color: #34536A;}
    </style>
</head>

<body>
    <h1>issar.com.ua</h1>
    <div>
        <a href="https://vestacp.com/">Server control panel by VESTA</a>
    </div>
</body>

</html>

And, SSL Labs can now connect too (link here). All looks good there although score capped at B for older TLS 1.1 support

Something seems to have changed to fix their system

@artem Are you still seeing the original problem?

And now Port 443 is Closed

image638×1890 28.8 KB

Open

$ nmap -Pn issar.com.ua
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2023-01-04 10:02 PST
Nmap scan report for issar.com.ua (185.25.117.62)
Host is up (0.20s latency).
rDNS record for 185.25.117.62: vps-42333.vps-default-host.net
Not shown: 980 closed ports
PORT     STATE    SERVICE
21/tcp   open     ftp
22/tcp   open     ssh
25/tcp   filtered smtp
53/tcp   open     domain
80/tcp   open     http
110/tcp  open     pop3
135/tcp  filtered msrpc
139/tcp  filtered netbios-ssn
143/tcp  open     imap
443/tcp  open     https
445/tcp  filtered microsoft-ds
465/tcp  open     smtps
587/tcp  open     submission
993/tcp  open     imaps
995/tcp  open     pop3s
2525/tcp open     ms-v-worlds
3306/tcp open     mysql
8080/tcp open     http-proxy
8083/tcp open     us-srv
8443/tcp open     https-alt

Nmap done: 1 IP address (1 host up) scanned in 11.84 seconds

Closed

$ nmap -Pn issar.com.ua
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2023-01-04 10:12 PST
Nmap scan report for issar.com.ua (185.25.117.62)
Host is up (0.19s latency).
rDNS record for 185.25.117.62: vps-42333.vps-default-host.net
Not shown: 981 closed ports
PORT     STATE    SERVICE
21/tcp   open     ftp
22/tcp   open     ssh
25/tcp   filtered smtp
53/tcp   open     domain
80/tcp   open     http
110/tcp  open     pop3
135/tcp  filtered msrpc
139/tcp  filtered netbios-ssn
143/tcp  open     imap
445/tcp  filtered microsoft-ds
465/tcp  open     smtps
587/tcp  open     submission
993/tcp  open     imaps
995/tcp  open     pop3s
2525/tcp open     ms-v-worlds
3306/tcp open     mysql
8080/tcp open     http-proxy
8083/tcp open     us-srv
8443/tcp open     https-alt

Nmap done: 1 IP address (1 host up) scanned in 10.62 seconds

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.