• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue Fail2Ban authentication failure monitor and Plesk Spam Assasin stopping and starting

M

miguel.obando

New Pleskian
Watchdog is running since Aug 10, 2021 02:17 PM.
Watchdog is monitoring services:
Plesk Web Server
Plesk PHP Engine
Web Server (Apache)
SMTP Server (Postfix)
Dovecot IMAP and POP3 server
DNS Server (BIND)
MySQL
PostgreSQL
Plesk SpamAssassin
Plesk Postfix milter filter
Web Proxy Server (Nginx)
Fail2Ban authentication failure monitor
Watchdog is not monitoring disks.

Average CPU load: 11.2906%.
Average RAM usage: 4108208.2856.
Security scans number: 1.

Events:
[Sep 2, 2021 05:42 PM] 'Fail2Ban authentication failure monitor' service started.
[Sep 2, 2021 05:37 PM] 'Fail2Ban authentication failure monitor' service stopped.
[Aug 30, 2021 07:08 PM] 'SMTP Server (Postfix)' service started.
[Aug 30, 2021 07:08 PM] 'Fail2Ban authentication failure monitor' service started.
[Aug 30, 2021 07:08 PM] 'Web Proxy Server (Nginx)' service started.
[Aug 30, 2021 07:08 PM] 'Plesk SpamAssassin' service started.
[Aug 30, 2021 07:08 PM] 'PostgreSQL' service started.
[Aug 30, 2021 07:08 PM] 'MySQL' service started.
[Aug 30, 2021 07:08 PM] 'Web Server (Apache)' service started.
[Aug 30, 2021 07:08 PM] 'Plesk PHP Engine' service started.
[Aug 30, 2021 07:08 PM] 'Plesk Web Server' service started.
[Aug 30, 2021 06:39 AM] 'Plesk SpamAssassin' service started.
[Aug 30, 2021 06:34 AM] 'Plesk SpamAssassin' service stopped.
[Aug 30, 2021 01:00 AM] Security scanning report is in the file /opt/psa/var/modules/watchdog/report/security_2021-08-30.
 
Hello,

I currently dont understand the problem with fail2ban.
"Fail2Ban authentication failure monitor" is just a name for the service what fail2ban actually does..

(....)You can safeguard your server from brute force attacks through IP address banning ( Fail2Ban ). Fail2Ban utilizes regular expressions for monitoring log files and spotting patterns that may correspond to authentication failures, looking for exploits, and additional entries that may appear to be suspicious.(...)

You can find more information here

For the spam-assasian problem, could you please post the output of:
Code: 
systemctl status spamassassin.service  -l


I'm looking forward to your feedback,
kind regards,
 
Hello,
yes I agree...

If the problem continues or happens again, we could increase the log-level of fail2ban and check the logs if needed.
 
Hello,
in
Code: 
/etc/fail2ban/fail2ban.conf


Code: 
[Definition]

# Option: loglevel
# Notes.: Set the log level output.
#         CRITICAL
#         ERROR
#         WARNING
#         NOTICE
#         INFO
#         DEBUG
# Values: [ LEVEL ]  Default: ERROR
#
loglevel = 1

I would recommend to change it to debug, just to figure out whats goin on.

Kind regards,
 
You must log in or register to reply here.

Similar threads

Melika
Issue Plesk stopped working out of the blue ...
Replies
0
Views
2K
Melika
Melika
S
Apache does not apply .htaccess directives for certain files after migration through Plesk Migrator
Replies
2
Views
3K
NewGate
N
D
Issue logrotate service fail, plesk-ext-monitoring-hcd.service
Replies
2
Views
1K
daniellee100
D
T
Issue Unable to access to my Plesk interface (502 Bad Gateway)
Replies
1
Views
902
Kaspar
K
H
Question MariaDB doesn't start after upgrade
Replies
3
Views
1K
Kaspar@Plesk
Kaspar@Plesk
Back
Top