Question Fail2ban - How to whilelist domain names

[gennolo]

Hello,
last night I noticed that fail2ban banned some GoogleBot IPs (66.249.69.xx) because of the recidive jail.
Maybe Google spiders pointed to some client-denied link and fail2ban triggered the jail.

How can I whitelist the whole google.com / googlebot.com domains from Plesk ?
I see I can whitelist IPs but no domains but I can't really figure out which are the correct Google Ips , any clue ?

 

[Bitpalast]

Domain names cannot be whitelisted, only IP addresses.
You can, maybe, try to develope your own iptables chain and place it at the beginning of iptables rules, so that requests are caught by name and pass iptables.
A possible chain could look somewhat like this:

iptables -I INPUT 1 -p tcp -m multiport --dports 80,443,7080,7081 -m string --algo bm --string 'GET /' -j Google
iptables -A Google -j RETURN

Not tested, but it sure is the "-m string --algo bm --string ..." parameters that you will need. Purpose of such rules: Everything traffic is requesting something with "Google" in it, let it pass. But maybe you need to refine this, because this would also let all traffic pass that is requesting pages named "myGooglePage.php" etc., so it is not a very safe thing to do.
I hope this helps so that you can develope your own suitable rule.