• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.

Question Fail2ban ignorecommand

lutenica

New Pleskian
Server operating system version
Ubuntu 20.04
Plesk version and microupdate number
18.0.57 Update #3
Hello community!

I have a custom Fail2ban filter and jail. They were both set up from the web interface, however, one of my sites encountered an issue with Google's crawlers being banned by it.

Obviously they use a whole bunch of IPs which they might change so I figured the best way is to check the reverse DNS of the given IP. So I've created a script that would fail/succeed the PTRs to what google state their rDNS would be. So far so good, but in order for Fail2ban to use it I was thinking of utilizing the "ignorecommand" flag in the jail.local, but I'm worried about manually editting the file.

Does anybody know if editting the jail.local manually gets overwritten by Plesk? I would assume so, but I then wonder if there's anyway to let Plesk know about my change? I can't edit the default jail via the Plesk GUI/CLI, nor do any of the settings cover this.

I combed through the forum and documentation but found nothing to address my specific concern, so if anybody can help point me in the right direction that would be great!
 
You'd add the list of whitelisted ip addresses to the jail in /etc/fail2ban/jail.local with "ignorip = ...".
 
You'd add the list of whitelisted ip addresses to the jail in /etc/fail2ban/jail.local with "ignorip = ...".
Sure, but that is for IPs, which Google has a lot of and not all of them are used for crawlers and they change them quite often. So really I'm looking for how to implement "ignorecommand=". Also wouldn't manually editting the file conflict with Plesk and have it be re-written each time I add a new whitelisted IP from the GUI for example?
 
Sure, but that is for IPs, which Google has a lot of and not all of them are used for crawlers and they change them quite often. So really I'm looking for how to implement "ignorecommand=".
I think you mean "ignoreregex" in the filter file? Because you could add a "googlebot" exception there so that any time the user-agent is googlebot, the rule does not apply.
 
Back
Top