• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Resolved Fail2ban blocks hosting server IP

Franco

Franco

Regular Pleskian
Hello,

after years of service I got a weird issue whereby fail2ban bans its server Public IP, similar to this case https://support.plesk.com/hc/en-us/...-after-enabling-nginx-on-server-with-fail2ban
It was solved by adding the servwer public IP in the fail2ban whitelist, as suggested there.

Looking further I see that the jail is [plesk-apache-badbot], which checks access log files. AFAIK, I only had one service stopped as a result, probably because in general I use php-fpm/nginx and just apache for that one.

How can this happen and shall I be worried about bad bots running on my server? Where shall I look, please?
My config is CentOs7 with Onyx latest MU.

Best regards
 
Hi Franco,

Franco said:
... and shall I be worried about bad bots running on my server?
Click to expand...
No.

Franco said:
How can this happen
Click to expand...
This is an absolute "normal" behaviour, when you use nginx+php-fpm on your server - nothing to worry about and nothing which you can avoid, due to the fact that the upstream uses your server-IP(s) and not "localhost". The official Fail2Ban documentation suggest as well to whitelist "localhost" and your server IP(s), in order to avoid the ban of your own IPs.
 
Many thanks, it's all clear now.
I just want to add that in the access files the only thing I see connected to the server public IP are wp-cron calls.
 
Thank you for the useful information, I think I found a solution to my problem here. But I think I should change my server provider because I have some problems that interfere with my video games (because of bad server hosting quality). I earn money testing various video games so I need a quality hosting server that works without any problems. Guys from another forum advised this one ggservers.com, I wonder what you have to say about it? Thank you in advance for your feedback.
 
Last edited:
You must log in or register to reply here.

Similar threads

Jürgen_T
Issue How to properly configure Fail2Ban for ModSecurity in Plesk with NGINX?
Replies
5
Views
632
klodoma
K
A
Question Plesk Admin - Bad Bot protection
Replies
4
Views
430
Alban Staehli
A
S
Resolved Problem tuning fail2ban
Replies
5
Views
10K
nisamudeen97
nisamudeen97
Gianni
Question My IP in jail fail2ban using plesk
Replies
0
Views
425
Gianni
Gianni
J
Question New bad bot fail2ban filter: will overwrite customization?
Replies
15
Views
2K
Bitpalast
Bitpalast
Back
Top