Facebook
TwitterSee subject. I've had this issue a few times now.
The standard solution is to stop fail2ban, remove /var/log/fail2ban* and reinstall fail2ban.
However, today it happened again and the above solution didn't work. Even removing /etc/fail2ban before reinstalling didn't work.
I've determined that the cause is the plesk-panel jail in combination with the recidive jail. The former jail uses /var/log/plesk/panel.log, which could contain timestamps without a year. Fail2ban then throws the parse error a few times. Since the error also contains a timestamp without a year, the recidive jail (which monitors the fail2ban log itself) puts fail2ban in an infinite loop.
The solution is to put "datepattern = %%Y-%%m-%%d %%H:%%M:%%S" (without the quotes) in the [Init] section of the jail filter for both plesk-panel and recidive.
The standard solution is to stop fail2ban, remove /var/log/fail2ban* and reinstall fail2ban.
However, today it happened again and the above solution didn't work. Even removing /etc/fail2ban before reinstalling didn't work.
I've determined that the cause is the plesk-panel jail in combination with the recidive jail. The former jail uses /var/log/plesk/panel.log, which could contain timestamps without a year. Fail2ban then throws the parse error a few times. Since the error also contains a timestamp without a year, the recidive jail (which monitors the fail2ban log itself) puts fail2ban in an infinite loop.
The solution is to put "datepattern = %%Y-%%m-%%d %%H:%%M:%%S" (without the quotes) in the [Init] section of the jail filter for both plesk-panel and recidive.
