Hello,
Since yesterday, I'm trying to connect to my server via ssh, sftp, but login fail.
I decided to reboot the server via my OVH control panel before taking further steps. And it's been hours now after reboot and I still cannot connect to the server via SSH and all sites are down.
A community help will be highly appreciated.
It sounds like your server has a problem. Don't you have a KVM option to connect to it directly from the OVH manager?
If not you can reboot it in rescue mode. The server will boot from the network (not from its local drive) and you'll be then be able to mount the local drive and inspect what's going on.
Hi @Sylvain ,
I just reboot on rescue mode, but still cannot access using ssh 
Operation timed out
I just reboot on rescue mode, but still cannot access using ssh :(
Operation timed out
That's weird. To SSH into your server in rescue mode you're supposed to receive a temporary password by email (if you have configured a public key in the manager you may able to use it) and I think it uses the default SSH port (in case you changed it).
Hi @Sylvain
Finally I could connect to my server, could you please help me to setup iptables, I think that firewall allow only http and https 
Why do you think it's an iptables related problem?
If it is and a reboot didn't fix it, it probably means that you use the `iptables-persistent` package (if your server runs under Debian or Ubuntu) and that iptables rules are read from a file at startup (usually located under `/etc/iptables/rules.v4`.).
In that case, you need to find your server's root partition (you can use `lsblk` for that). On a VPS in rescue mode I think the partition is usually already mounted under `/mnt/something`.
You then then need to edit the iptables rules file as required, you can paste its content here first if you're not sure.
Actualy, I did mount /dev/md2 to /mnt and run cmd chroot /mnt
/etc/iptables/rules.v4 is empty.
What is the recommended secure config for iptables ?
Then it was probably not an iptables problem in the beginning because rebooting the server would have solved it (iptables rules would have been cleared unless you use another way to configure them at startup, such as a custom script).
A secure configuration for iptables would at least only accept incoming traffic on ports used by the services you run and responses to outgoing traffic from your server. You can also limit authorized ports for outgoing traffic.
But you should first check the logs of your server to understand what prevented you to login through SSH in the first place.
I mean that I could finally acces using rescue mode, but still cannot access via ssh Boot from hard drive
I mean that I could finally acces using rescue mode, but still cannot access via ssh Boot from hard drive
It's not hard to believe since you don't seem to have persistent iptables rules defined.
Let's go back to the beginning, we may have gone too fast. It seems you suddenly lost the SSH access to your server: was it after a specific event (like a software upgrade, a change of iptables rules…)? Is it limited to SSH/SFTP (are the other services running on your server OK)?
what is the domain name?
what about this thread? https://community.ovhcloud.com/t/45015
my domain name: royalmakeup.com
This thread https://community.ovhcloud.com/t/45015 is not yet closed
It was after software upgrade and trying to setup openssl to use https; http and https are reachable.
but SSH/SFTP no access
what host do you use with ssh?
a host like ?: `ssh login@vps123456.ovh.net`
It was after software upgrade and trying to setup openssl to use https; http and https are reachable.
but SSH/SFTP no access :/
Can you tell us exactly and precisely what you did? Upgrading software and setting up TLS shouldn't "break" SSH.
By the way, your domain is responding for HTTP (with the default nginx index page though) and for HTTPS it seems the port isn't closed but nothing is listening to it.
And what with the OpenSSL Gateway? You were using one but terminated it? If yes, did SSH stop working at the same time?
2 last questions:
* What's the IP of your VPS reported in the OVH manager?
* Don't you have a KVM access to your VPS (see https://docs.ovh.com/gb/en/vps/use-kvm-for-vps/ here)?
ssh root@37.187.248.13
```text<br />dig +short royalmakeup.com<br /> 37.187.248.13<br /><br />curl --head royalmakeup.com<br /> HTTP/1.1 200 OK<br /> Server: nginx/1.4.6 (Ubuntu)<br />```<br />this ip is for the ssl gateway (nginx server)?<br />use the vps ip or a host like vps123456.ovh.net (Ovh gave you this host)
And what with the OpenSSL Gateway? You were using one but terminated it? If yes, did SSH stop working at the same time?
Yes, but SSH didn't stop working at the same time, I think did deny all something I found in internet,
by the way my website is deployement in apache2, I don't know how it has been switched to nginx
What's the IP of your VPS reported in the OVH manager?
ssh root@37.187.248.13
Don't you have a KVM access to your VPS (see here)?
No
this ip is for the ssl gateway (nginx server)? No it's my dedicated server ip
use the vps ip or a host like vps123456.ovh.net (Ovh gave you this host)
ns333830.ip-37-187-248.eu ?
After applying this config https://www.digitalocean.com/community/tutorials/how-to-install-the-apache-web-server-on-ubuntu-16-04
I couldnt use ssh anymore