• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

CentOS 7.0.1406 systemd/journalctl + Plesk 12.0.18 fail2ban not working

J

Jonas_Hauser

New Pleskian
Dear forum users

I installed today a second server 'fresh from the box' with CentOS 7.0 x86_64 and Plesk 12 via auto-installer. I get stuck on the same issue I already reported. The fail2ban ssh jail is not configured to use journalctl and there is no /var/log/secure anymore.
My machines get hit by many ssh connections and none of them gets ever blocked, as long as you do not change the jail config for sshd (and also proftpd).

Kind regards
Jonas
 
Hi UFHH01

thanks for your reply. now we just need to wait until Plesk 12 will provide a fail2ban v.0.9.1, they currently provide 0.8.13 (without systemd support).

Many thanks for your help.

Regards
Jonas
 
Hi Jonas_Hauser,

you could always install "rsylog" to solve your issue so your system will still log services "the old fashioned way" :)

yum -y install rsyslog
 
Even Plesk 12.5 does not support systemd in fail2ban. Upgrading to Plesk 12.5 / CentOS 7 means staying up2date and Plesk should be ready for this ...

Any progress here? ...
 
Hi Adrian_Von_Der_Goe,

since Fail2Ban version "0.9.0", there is a "systemd" - support for the backend ( at jail.conf: "backend = systemd" ). It's up to you, to switch the backend in your Fail2Ban configuration, shipped with Plesk 12.5 ( version 0.9.2 ).
 
Hi @UFHH01,
sadly this does not work, I've already tried this.

After reading the error log again I found out since systemd v223 one has to to the following:
Code: 
yum install systemd-python

Maybe this helps someone with the same problem.
 
Last edited:
Hi Adrian_Von_Der_Goe,

comparing the original "https://github.com/fail2ban/fail2ban/archive/0.9.2.tar.gz" with the version shipped with Plesk 12.5 for CentOS 7 ( http://autoinstall.plesk.com/PSA_12...an/fail2ban-0.9.2-centos7.15103017.noarch.rpm ), you will notice that Plesk doesn't seem to include systemd-support with their version.

Original:
Code: 
...
# "backend" specifies the backend used to get files modification.
# Available options are "pyinotify", "gamin", "polling", "systemd" and "auto".
# This option can be overridden in each jail as well.
#
# pyinotify: requires pyinotify (a file alteration monitor) to be installed.
#              If pyinotify is not installed, Fail2ban will use auto.
# gamin:     requires Gamin (a file alteration monitor) to be installed.
#              If Gamin is not installed, Fail2ban will use auto.
# polling:   uses a polling algorithm which does not require external libraries.
# systemd:   uses systemd python library to access the systemd journal.
#              Specifying "logpath" is not valid for this backend.
#              See "journalmatch" in the jails associated filter config
# auto:      will try to use the following backends, in order:
#              pyinotify, gamin, polling.
#
# Note: if systemd backend is choses as the default but you enable a jail
#       for which logs are present only in its own log files, specify some other
#       backend for that jail (e.g. polling) and provide empty value for
#       journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200
backend = auto
...

Plesk version:
Code: 
...
# "backend" specifies the backend used to get files modification.
# Available options are "pyinotify", "gamin", "polling" and "auto".
# This option can be overridden in each jail as well.
#
# pyinotify: requires pyinotify (a file alteration monitor) to be installed.
#              If pyinotify is not installed, Fail2ban will use auto.
# gamin:     requires Gamin (a file alteration monitor) to be installed.
#              If Gamin is not installed, Fail2ban will use auto.
# polling:   uses a polling algorithm which does not require external libraries.
# auto:      will try to use the following backends, in order:
#              pyinotify, gamin, polling.
backend = auto
...

This issue should be discussed with Plesk developers, or could be declared to be a bug. Please wait for an answer from an Odin - Team - member and consider to open a bug-report at: http://www.odin.com/support/plesk/bugreport/
 
You must log in or register to reply here.

Similar threads

O
Resolved Update Plesk 18.0.68 on CentOS7 result in no website reachable and email not working anymore
Replies
3
Views
628
Onkeltom01
O
Azurel
Forwarded to devs Custom Fail2ban Jails not working
Replies
3
Views
3K
IgorG
IgorG
H
Issue fail2ban iptables error, ban doesn't work
Replies
1
Views
2K
hotwert
H
Endre
Issue Server Error 500 Plesk\Exception\Database DB query failed: SQLSTATE[HY000] [2002] No such file or directory
Replies
15
Views
9K
MihaiNecreala
M
Azurel
Forwarded to devs Plesk fail2ban jails and iptables not working correctly [SECURITY ISSUE?]
Replies
4
Views
3K
Azurel
Azurel
Back
Top