Facebook
Twitter
DimitrisG
Basic Pleskian
I am running a fresh install of Onyx on CentOS Linux 7.3.1611.
fail2ban seems to be running fine (no errors)
# systemctl status fail2ban.service -l
● fail2ban.service - Fail2Ban Service
Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2016-12-29 12:46:57 EET; 8s ago
Docs: man:fail2ban(1)
Process: 10790 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=0/SUCCESS)
Process: 10788 ExecStartPre=/usr/bin/mkdir -p -m 755 /var/run/fail2ban (code=exited, status=0/SUCCESS)
Main PID: 10795 (fail2ban-server)
Memory: 18.0M
CGroup: /system.slice/fail2ban.service
├─10795 /usr/bin/python /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b
└─10797 /usr/libexec/gam_server
I am doing a few tests but nothing appears in /var/log/fail2ban.log
After stoping it and starting it again within the Plesk UI all my previous tests suddenly appear in the logs (and in Plesk UI) and IP ban works.
# tail fail2ban.log
2016-12-29 12:46:57,050 fail2ban.jail [10795]: INFO Jail 'plesk-wordpress' started
2016-12-29 12:46:57,503 fail2ban.filter [10795]: INFO [recidive] Found x.x.x.x
2016-12-29 12:46:57,553 fail2ban.filter [10795]: INFO [recidive] Found x.x.x.x
2016-12-29 12:46:57,567 fail2ban.filter [10795]: INFO [recidive] Found x.x.x.x
2016-12-29 12:46:58,069 fail2ban.actions [10795]: NOTICE [recidive] Ban x.x.x.x
2016-12-29 12:46:58,289 fail2ban.filter [10795]: INFO [recidive] Found x.x.x.x
2016-12-29 12:46:58,318 fail2ban.filter [10795]: INFO [recidive] Found x.x.x.x
2016-12-29 12:47:00,218 fail2ban.actions [10795]: NOTICE [recidive] Ban x.x.x.x
2016-12-29 12:47:09,374 fail2ban.actions [10795]: NOTICE [recidive] Unban x.x.x.x
2016-12-29 12:50:31,137 fail2ban.filter [10795]: INFO [plesk-roundcube] Found x.x.x.x
If I try do another test after the fail2ban restart nothing appears in fail2ban.log again (until I do another f2b restart).
Any thoughts?
ps. I've tried uninstalling it (also removing /etc/fail2ban) and installing it again but the same thing happens + I haven't added any jails or changed any of the settings.
fail2ban seems to be running fine (no errors)
# systemctl status fail2ban.service -l
● fail2ban.service - Fail2Ban Service
Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2016-12-29 12:46:57 EET; 8s ago
Docs: man:fail2ban(1)
Process: 10790 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=0/SUCCESS)
Process: 10788 ExecStartPre=/usr/bin/mkdir -p -m 755 /var/run/fail2ban (code=exited, status=0/SUCCESS)
Main PID: 10795 (fail2ban-server)
Memory: 18.0M
CGroup: /system.slice/fail2ban.service
├─10795 /usr/bin/python /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b
└─10797 /usr/libexec/gam_server
I am doing a few tests but nothing appears in /var/log/fail2ban.log
After stoping it and starting it again within the Plesk UI all my previous tests suddenly appear in the logs (and in Plesk UI) and IP ban works.
# tail fail2ban.log
2016-12-29 12:46:57,050 fail2ban.jail [10795]: INFO Jail 'plesk-wordpress' started
2016-12-29 12:46:57,503 fail2ban.filter [10795]: INFO [recidive] Found x.x.x.x
2016-12-29 12:46:57,553 fail2ban.filter [10795]: INFO [recidive] Found x.x.x.x
2016-12-29 12:46:57,567 fail2ban.filter [10795]: INFO [recidive] Found x.x.x.x
2016-12-29 12:46:58,069 fail2ban.actions [10795]: NOTICE [recidive] Ban x.x.x.x
2016-12-29 12:46:58,289 fail2ban.filter [10795]: INFO [recidive] Found x.x.x.x
2016-12-29 12:46:58,318 fail2ban.filter [10795]: INFO [recidive] Found x.x.x.x
2016-12-29 12:47:00,218 fail2ban.actions [10795]: NOTICE [recidive] Ban x.x.x.x
2016-12-29 12:47:09,374 fail2ban.actions [10795]: NOTICE [recidive] Unban x.x.x.x
2016-12-29 12:50:31,137 fail2ban.filter [10795]: INFO [plesk-roundcube] Found x.x.x.x
If I try do another test after the fail2ban restart nothing appears in fail2ban.log again (until I do another f2b restart).
Any thoughts?
ps. I've tried uninstalling it (also removing /etc/fail2ban) and installing it again but the same thing happens + I haven't added any jails or changed any of the settings.
