Cannot access CFADMIN any more - coldfusion

I cannot access the ColdFusion 10 CFAdmin area and when I do I get the following in my logs
You tried to access the ColdFusion Administrator from a disallowed IP address (123.456.789.1).
The ColdFusion Administrator can only be concurrently accessed from localhost and 2 more IP addresses.
The specific sequence of files included or processed is: ........
The problem is that I am trying this on my own machine which has (for example here) the IP address of 123.456.789.1
I've tried restarting the services but I get the same error still?
Anyone seen this before?
Some clarification for what I've tried. Let say my remote server has the 123.456.789.1
1st attempt.
Restarted services and ensured I was the first person to try and access the CFAdmin area - No luck
2nd attempt
Used the "123.456.789.1" server as a SSH tunnel so my machines IP address would be the same as the servers when I tried to connect. Again restarted and got same error (in the logs)
3rd attempt (getting desperate)
Installed "elinks" (a text based browser) on the actual server. Again restarted and got same error (in the logs) when trying to log in.

This means that the IP restriction to CF Admin is applied. Go to Security > Allowed IP Addresses in CF Admin and remove the IPs (if any) from Allowed IP Addresses for ColdFusion Administrator access section.
That should fix it.
Edit: Since you are unable to access CF Admin, try this. Take a backup of neo-security.xml at C:\ColdFusion10\cfusion\lib. Open it with text editor and locate
<var name='allowedAdminIPList'><string>IP_Address</string></var>
Delete the IP listed there (IP_Address in example) and now it should look like
<var name='allowedAdminIPList'><string></string></var>
Save the file, restart ColdFusion Application Service and check CF Admin.

Is this a full copy of ColdFusion server or just a developer edition? The '2 more IP addresses' makes me think its a developer copy and you have it open in other places.

Related

Port mapping in Windows Server 2016 - Docker

I have been trying to setup Docker in Windows Server 2016 in an AWS instance to run an IIS program.
From this question,
Cannot access an IIS container from browser - Docker, IIS has been setup inside a container and it is accessible from the host without port mapping.
However, if I want to allow other users from the Internet/Intranet to access the website, after Google-ing it, I guess we do need port mapping...
The error I have encountered in port mapping is given in the above question so... I guess using nat is not the correct option. Therefore, my team and I tried to create another network (custom/bridge) following instructions from
https://docs.docker.com/v17.09/engine/userguide/networking/#user-defined-networks
However, we cannot create a network as follows:
; Googled answer:
https://github.com/docker/for-win/issues/1960
My team guessed maybe its because AWS blocked that option, if anyone can confirm me, please do.
Another thing that I notice is: when we create an ECS instance in AWS,
So... only default = NAT network mode is accepted in Windows server?
Our objective: put the container hosted IIS application to Internet/Intranet in Windows Server 2016...
If anyone has any suggestion/advice, please tell me, many thanks.

GCS appears to be blocking my IP

I have been testing out a ubuntu instance on GCS for the last couple weeks and a possible home for one of our web servers. Last week suddenly everything stopped working. I was not able to SSH to shell, and I couldn't even visit the site anymore through my browser. I logged into the dashboard and nothing seemed wrong. I had several other colleges try to go to the site and it loaded without any issues. I could not find any settings in the dashboard that would suggest some kind of block like this, so i assumed I must have triggered some kind of anti spam system. I decided to give a few days before trying to mess with it any further. after 6 days of not messing with it at all I still can not visit the site, or login via SSH.
Then to verify they are blocking my IP address and that it wasn't just something wrong with my machine. I switched my IP and then everything started behaving as expected once again. I can get to the site in my browser and can once again SSH into the VM. After switching back to my previous static IP everything went back to not letting me view the webpage, or ssh into the server.
My problem is that this isn't a permanent solution for me. I have many servers that only allow login from my previous IP address so I'd rather fix the issue with this VM rather then change all those system to allow from a new IP address. Any help on finding the solution would be greatly appreciated.
Please let me know if I can provide any additional info to help find the problem.
followup info:
The way our network is set up the IP we get from DHCP is the real world IP our device is seen with (I think we own a block or something)
this is the first time i've done anything with a GCS VM
Edit: added additional information

KAA MongoDB server, Data not retrived sent from Raspberry Pi

I am running this example http://kaaproject.github.io/kaa/docs/v0.10.0/Programming-guide/Your-first-Kaa-application/ .
But data is not storing on the server side.
What should I do now?
When I running db.logs_my_application_token.
find() from mongo console,
it is showing nothing.
Do I have to provide some IP or host in my code, I am using KAA SANDBOX from AWS.
Console Output of Raspberry Pi attachedenter image description here here...
Finally I am able to do that using ..
Perform these two steps may be this can solve your problem.
Just run this command on host machine
sudo /usr/lib/kaa-sandbox/bin/change_kaa_host.sh $new host name/ip$
Then change the IP address of using Admin UI, for that you need to
sign in using username : kaa and passwword : kaa123
then go to setting > general setting then change the IP address preceded by :8080, enter your machine's public IP address, that can be easily accessible from anywhere.
Tips :: if you are using AWS instance then use public IP address of your instance.
Further error persist then drop your previous instance and launch a new instance.
For more details go the official documentation page
Hope it will be helpful for you.
You do not need to provide IP address.
You should download the generated SDK file and compile it with the source code. and then run it.

Trying to log in my EC2 server, but port 22 : connection refused

I don't know what's wrong with it. Here is a screenshot.
(first image is what i've done in terminal to log in my EC2 server
second image is what i've set in "System preference --> sharing --> remote login)
Yosemite is my OS. Please help me,
Assuming that you have the right key file, you could be running into some security settings issues. Check your security group and make sure that the server is accepting connections on port 22 from all addresses. Also, I generally use the IP address when SSHing into an EC2 box instead of a url, as it is much shorter and more concise. Also, make sure that your server is running Ubuntu. I know that different OS's on EC2 use different default usernames.
Your default username can be found at this page:
http://alestic.com/2014/01/ec2-ssh-username
In the end, your ssh command should be something like
ssh -i otkey.pem [username for your os]#[ip of your box]
Hope this helps!
You've got the right command for an ubuntu server. Check to make sure that security groups are configured and that you don't have Network Access Control Lists configured on your VPC. The configuration you made to the settings of your laptop are to open it up for people to log into your laptop, they don't do anything to facilitate you connecting out.

EC2 how to swap your elastic IP

I have two instances. They are going to run the same app, but one is set up with a slightly different configuration. Right now I can go to their assigned elasticip and see that my site works on both. Th eonly other difference is that one is a micro instance and one is a small instance. Also, I have a bunch of DNS records pointing my domain name to the ip of the micro instance.
But what I want to do is swap them so that the small instance is now my main instance that has my domain pointing to it. I was hoping I could just disassociate the ip's and then reassociate the ip's only flipped around. But when I do that and then try to go to my domain.com I just get an error page. When I swap them back they both seem to work again. Is there something a more complicated I have to do?
edit:
When I try to SSH I also get all this stuff:
###########################################################
# WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! #
###########################################################
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
d6:ed:23:65:9c:da:0c:1b:2d:94:34:18:4d:68:8f:a5.
Please contact your system administrator.
Add correct host key in /Users/croberts/.ssh/known_hosts to get rid of this message.
Offending RSA key in /Users/croberts/.ssh/known_hosts:17
RSA host key for 54.183.212.154 has changed and you have requested strict checking.
Host key verification failed.
Something nasty! haha.
The error message is indicating that the remote computer does not match the computer previously recorded in the known_hosts file.
When using ssh, each computer generates a fingerprint and this is recorded against the computer identifier (eg IP Address) that you are using to connect to the remote machine.
If you are switching an Elastic IP address between instances and also using the Elastic IP address to ssh into the instance, then the error quite correctly is warning you that the computer is not the same computer to which you last connected on that address.
You can remove the offending entry from the known_hosts file, or even delete the whole known_hosts file (which admittedly will remove such warnings even if they are legitimate).
You should have no problem swapping the elastic IP from one instance to another. It can take a few minutes to take effect, so make sure that you can reach the correct instance before testing.
You don't describe the error, but if you are using name-based virtual hosts, and are using a different name, that could be one cause. If you restart apache after swapping EIPs, does the problem go away?
Finally, to fix the ssh error, remove the entry from the known_hosts file - if you read the error message, it's on line 17.