Resolved Couple fail2ban questions and issues.

[Kain]

Hi there,

So after my first problems with fail2ban when I installed it manually on the server and locked myself out I just find out you can easily install fail2ban through a couple clicks within Plesk

So got it installed but now I got issues with the jail.

I choose the apache, panel and WP jail (or do I have to select em all?) to be active but then I get errors stating:

Unable to switch on the selected jails: f2bmng failed: ERROR NOK: ('plesk-apache',)
ERROR NOK: ('plesk-panel',)
ERROR NOK: ('plesk-wordpress',)
ERROR No file(s) found for glob /var/log/secure
ERROR Failed during configuration: Have not found any log file for ssh jail
ERROR:f2bmng:Command '['/usr/bin/fail2ban-client', 'reload', 'ssh']' returned non-zero exit status 255
ERROR:f2bmng:Failed to reload following jails due to errors in configuration: ssh.

I got no idea what that all means but they don't become active.

Also got a settings question, what's the best setting for "Time interval for detection of subsequent attacks *" it's default 300 seconds but 10 minutes seems a bit long?

Cheers.

 

[scsa20]

Hey there Kain,

From the looks of it, you didn't turn on intrusion detection first. Make sure all the jails is currently off then go to Settings and place a check mark next to "Enable intrusion detection" and hit apply to save the settings. Once you do that, try turning on a jail again and this time it should turn on with no issue.

 

[Kain]

If it only was that simple but Intrusion Detection is on.

 

[Kain]

As I have slept a little more then usual I google again and the answer was rather easy IF you know linux which I don't bwhaha only have a linux server to cut the costs for now.

All I had to do was this:

touch /var/log/secure
chown root. /var/log/secure
chmod 0600 /var/log/secure