• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Question Fail2ban ignorecommand

lutenica

New Pleskian
Server operating system version
Ubuntu 20.04
Plesk version and microupdate number
18.0.57 Update #3
Hello community!

I have a custom Fail2ban filter and jail. They were both set up from the web interface, however, one of my sites encountered an issue with Google's crawlers being banned by it.

Obviously they use a whole bunch of IPs which they might change so I figured the best way is to check the reverse DNS of the given IP. So I've created a script that would fail/succeed the PTRs to what google state their rDNS would be. So far so good, but in order for Fail2ban to use it I was thinking of utilizing the "ignorecommand" flag in the jail.local, but I'm worried about manually editting the file.

Does anybody know if editting the jail.local manually gets overwritten by Plesk? I would assume so, but I then wonder if there's anyway to let Plesk know about my change? I can't edit the default jail via the Plesk GUI/CLI, nor do any of the settings cover this.

I combed through the forum and documentation but found nothing to address my specific concern, so if anybody can help point me in the right direction that would be great!
 
You'd add the list of whitelisted ip addresses to the jail in /etc/fail2ban/jail.local with "ignorip = ...".
 
You'd add the list of whitelisted ip addresses to the jail in /etc/fail2ban/jail.local with "ignorip = ...".
Sure, but that is for IPs, which Google has a lot of and not all of them are used for crawlers and they change them quite often. So really I'm looking for how to implement "ignorecommand=". Also wouldn't manually editting the file conflict with Plesk and have it be re-written each time I add a new whitelisted IP from the GUI for example?
 
Sure, but that is for IPs, which Google has a lot of and not all of them are used for crawlers and they change them quite often. So really I'm looking for how to implement "ignorecommand=".
I think you mean "ignoreregex" in the filter file? Because you could add a "googlebot" exception there so that any time the user-agent is googlebot, the rule does not apply.
 
Back
Top