Troubleshooting A Non-Starting DenyHosts Service

DenyHosts is a set of Python scripts that will help automate the process of blacklisting IP addresses that are hammering your SSH service. So obviously you know that I’m talking about something related to *NIX systems here.

It does this by appending offending IP addresses into your hosts.deny file. In addition to that, it has some cool features such as keeping logs of all banning actions, purging of old entries, and emailing the administrator of any newly blacklisted host. You can get the full list of features from the DenyHosts features page.

Anyway, after setting up and installing DenyHosts 2.6 on my server, I tried to get it started as a service. I then encountered the following error message:

[me@myserver denyhosts]# service hostsdeny start
starting DenyHosts: /usr/bin/env python /usr/local/bin/denyhosts.py --daemon --config=/usr/share/denyhosts/denyhosts.cfg
Traceback (most recent call last):
File "/usr/local/bin/denyhosts.py", line 5, in ?
import DenyHosts.python_version
ImportError: No module named DenyHosts.python_version

Hmm… strange, because I know for sure that I have python installed on my box. I tried typing pyth on the keyboard, followed by the Tab key to see what can be auto-completed from those letters. I got the following response:

[me@myserver ~]# python
python python2 python2.3 python2.4

OK, so I have multiple versions of python installed here; is this the real problem? I then proceed to check out the DenyHosts service manager script daemon-control. I found that the path to python is defined as the following:

PYTHON_BIN = "/usr/bin/env python"

Hmm... so that's the problem; I didn't define an environment variable for python! Nevertheless, I wouldn't want to do this just to get DenyHosts running, so what can I do? Just point the PYTHON_BIN definition to the actual python executable (python2.4 in this case), of course! So I changed the definition to the following:

PYTHON_BIN = "/usr/local/bin/python2.4"

And just like magic, the DenyHosts service starts as it should. I'm sharing this with the hope that it helps somebody out there (and maybe reduce his individual health insurance rate).

3 responses to “Troubleshooting A Non-Starting DenyHosts Service”.

  1. zaki blogjer Says:

    Hi, I’m newbie in web hosting related stuff. I’ve a problem where there is an process (i believe so) from 1 machine that excessively accessing my website, causing MYSQL to broken. I’ve tried blocking the IP address, but it seem it the IP is dynamic and changed from time to time. I don’t want to block it in a wide range as I’m afraid it’ll block other users as well.

    Can Denyhost preventing from this kind of attacks? Or do you have other suggestions?

  2. Site Admin Azmeen Says:

    Hi Zaki,

    Your description of the problem seems a little vague. For one thing, what does “excessively accessing my website” means? One person’s “excessive” may well be another’s “normal”. Perhaps your MySQL settings are too rigid, and that the request is just a typical ordinary request.

    Another thing is that you seem fairly certain that your MySQL becomes unstable because of the website accessing activities of this host. Is it possible that it could be one of your server side scripts (PHP, Perl, etc) that is the real problem?

    As for your question whether DenyHosts would be useful in reducing or stopping your problem; I doubt it will. In fact the core function of DenyHosts is mostly related to SSH functions.

    Sorry for the late reply because I was in public holiday mood 😛

  3. zaki blogjer Says:

    yes the problem rely on the script, but the script developer is taking too long to fix it. Basically, this script allowing someone to access the URL this way

    http://www.domain.com/phpid?=1
    http://www.domain.com/phpid?=2
    http://www.domain.com/phpid?=3
    http://www.domain.com/phpid?=….
    http://www.domain.com/phpid?=99999