Search results for query: "Fail2Ban" "recidive"

@Noturns, First of all, I am happy to see that your Fail2Ban is set-up properly and working as intended by you. However, it seems to be the case that your Fail2Ban implementation has not always been working as it is supposed to (for instance, Fail2Ban should be reverting to default values of...

Interesting clue - when I restart fail2ban, I get an email about the recidive jail starting but none others.

@Florian, Do not disable dovecot, that makes you even more vulnerable. Yep, one of the unusual suspects is an overload of logins, which causes the maximum number of connections to be used, hence not allowing other users to login. This is very rare, but happens with brute forcing and/or...

Hi, I am not able to enable the recidive jail in Fail2Ban. I get the following error: Unable to switch on the selected jails: f2bmng failed: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: '' ERROR No file(s) found for glob /var/log/fail2ban.log ERROR Failed during...

Hi weelk, if you experience issues by non-blocking fail2ban intruders, consider posting the fail2ban - log and it's corresponding fail2ban - configurations ( jails ) for mail - filters and actions. Be ware that you might set up the allowed attempts to a lower level and consider using an...

Continuing fail2ban saga. Everything seemed OK for some short period of time after reinstalling f2b. However it shuts down at random intervals with failed message. this is what I get before it shuts down: 2015-06-26 09:36:57,423 fail2ban.jail [14252]: INFO Jail 'plesk-apache-badbot'...

I completed the survey, I think, but it ended abruptly so I'm not sure. Just in case it didn't go through, I thought it was important to reiterate my belief that Plesk should direct their next efforts on the WordPress Toolkit toward an automated fail2ban integration. Inasmuch as you all know how...

@MicheleB, Thanks for sharing the relevant information. It seems to be the case that you were "hacked" from an "internal source". For example, someone uploading a script or code (happens all the time on WordPress installations) and/or even by mail (somewhat more advanced). However, since...

@Noturns, Yes and no. Yes, I am aware of multiple theoretical solutions to automatically set a permanent IP block. No, you should not want to implement an automatic, Fail2Ban based permanent IP block at this moment, have some patience. In general, one can do the following a) manually...

You might have forgotten to define some exclusions for fail2ban, for example 127.0.0.1 ( localhost ) and your server - IPs. You can set it over Plesk ... or directly on your server in the "jail.local" configuration file located at /etc/fail2ban/*. The setting for some exclusions are defined as...

@Noturns, Fail2Ban is not intended to set the ban time longer than 604800 seconds (i.e. 7 days), this is the maximum value. Setting a longer time period will still result in (on the one hand) a temporary ban, not a permanent block and (on the other hand) a ban time of 604800 seconds...

Hi UFHH01, I've checked my fail2ban.conf file and I have the following: loglevel =3 logtarget = /var/log/fail2ban.log I get the following result when I run "service fail2ban status": fail2ban-server (pid 1395) is running... Status |- Number of jail: 11 `- Jail list: plesk-apache-badbot...

Hi trialotto, >> You should not worry about other VPS (the host server and virtualization software take care of that). I understand that, but what I meant is ... if all of the VPS'es start connecting with the Plesk server at the exact same time (since the installations are all based on the...

Hi Lee_Colarelli, Plesk's extension fail2ban has a pre-configured jail "plesk-panel" which should monitor the log "/var/log/plesk/panel.log" ( "/usr/local/psa/admin/logs/panel.log" should be a symlink to the mentioned log - file. ), which could be used by you. As well, consider using the...

Hello, there is a strange problem with the new feature fail2ban. I have noticed that a local ip address (ip address from the webserver itself) was added to the blocked ip addresses of fail2ban now for the second time. What I can see is that it was the recidive jail. If there is nginx used...

I am configuring fail2Ban (brilliant idea to include it in the Panel). I am wondering what the implication is of activating it for these services: plesk-apache plesk-apache-badbot plesk-horde recidive I am not sure what these services are. Also surely if we apply it to plesk-apache that would...

I am not able to add a new filter to fail2ban if I go in plesk panel to: Home > Tools & Settings >IP Address Banning > Jails > managing Filters > add filter > type in name & filtercontent and save I get "Information: The jail filter was added". But i can not see the new added filter in the...

That sometimes happens, when there are too much script kiddies online, or botnet scripts, which try to do silly things.... nothing to worry about, because if you don't use passwords like 12345, which are very easy to guess, they just try to login but will never be able to login. This is why you...

ok, going to see what you have here right now. Thanks

Here's the iptables status (with fail2ban running): Table: nat Chain PREROUTING (policy ACCEPT) num target prot opt source destination Chain POSTROUTING (policy ACCEPT) num target prot opt source destination Chain OUTPUT (policy ACCEPT) num target...