• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Fail2ban ignorecommand

L

lutenica

New Pleskian
Server operating system version
Ubuntu 20.04
Plesk version and microupdate number
18.0.57 Update #3
Hello community!

I have a custom Fail2ban filter and jail. They were both set up from the web interface, however, one of my sites encountered an issue with Google's crawlers being banned by it.

Obviously they use a whole bunch of IPs which they might change so I figured the best way is to check the reverse DNS of the given IP. So I've created a script that would fail/succeed the PTRs to what google state their rDNS would be. So far so good, but in order for Fail2ban to use it I was thinking of utilizing the "ignorecommand" flag in the jail.local, but I'm worried about manually editting the file.

Does anybody know if editting the jail.local manually gets overwritten by Plesk? I would assume so, but I then wonder if there's anyway to let Plesk know about my change? I can't edit the default jail via the Plesk GUI/CLI, nor do any of the settings cover this.

I combed through the forum and documentation but found nothing to address my specific concern, so if anybody can help point me in the right direction that would be great!
 
You'd add the list of whitelisted ip addresses to the jail in /etc/fail2ban/jail.local with "ignorip = ...".
 
Peter Debik said:
You'd add the list of whitelisted ip addresses to the jail in /etc/fail2ban/jail.local with "ignorip = ...".
Click to expand...
Sure, but that is for IPs, which Google has a lot of and not all of them are used for crawlers and they change them quite often. So really I'm looking for how to implement "ignorecommand=". Also wouldn't manually editting the file conflict with Plesk and have it be re-written each time I add a new whitelisted IP from the GUI for example?
 
lutenica said:
Sure, but that is for IPs, which Google has a lot of and not all of them are used for crawlers and they change them quite often. So really I'm looking for how to implement "ignorecommand=".
Click to expand...
I think you mean "ignoreregex" in the filter file? Because you could add a "googlebot" exception there so that any time the user-agent is googlebot, the rule does not apply.
 
You must log in or register to reply here.

Similar threads

andreios
Issue Fail2ban WordPress login detection doesn't work and fail2ban couldn't be configured trough Plesk
Replies
2
Views
975
andreios
andreios
T
Issue Unbanning some IP addresses causes the server to be unresponsive
Replies
4
Views
1K
TurabG
T
B
Issue I need help getting setting up a filter for AH01264 in fail2ban
Replies
1
Views
1K
Peter Debik
P
A
Issue Problems with fail2ban
Replies
1
Views
1K
Kaspar@Plesk
Kaspar@Plesk
Tim Clarke
Issue Problems with recidive jail
Replies
3
Views
2K
La Linea
L
Back
Top