• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Issue fail2ban: Plesk does not correctly create jail.local (or is it correct?)

K

King555

Regular Pleskian
I just configured fail2ban via Plesk and afterwards I checked the jail.local file in /etc/fail2ban/.

It seems like this file is not created correctly by Plesk. Or do I misunderstand something?

Here is the relevant content:

Code: 
[DEFAULT]
ignoreip = 127.0.0.1/8 ::1
maxretry = 3
destemail = [email protected]
findtime = 600
bantime = 86400

[recidive]
enabled = true
maxretry = 5

[plesk-proftpd]
enabled = true
maxretry = 10
action = iptables-allports[name=plesk-proftpd]

[plesk-postfix]
enabled = true
maxretry = 3
action = iptables-allports[name=plesk-postfix]

[plesk-horde]
enabled = true

[plesk-apache-badbot]
enabled = true
bantime = 604800
action = iptables-allports[name=plesk-apache-badbot]

[plesk-wordpress]
enabled = false

[plesk-roundcube]
enabled = true
action = iptables-allports[name=plesk-roundcube]
        sendmail[dest="root", sender="fail2ban", sendername="Fail2Ban", name="default"]

What I'm missing compared to my configuration in Plesk:
- bantime of recidive was set to 604800, but not in the jail.local
- horde should be enabled=false or removed, because I do not have this jail in my list as Horde is not installed (it was for 5 minutes, then I switched to Roundcube)
- plesk-apache-badbot was set to 1 retry, jail.local does not contain line, so I guess the default of 3 will be the value
- Not critical: plesk-postfix has the same maxretry as the default value, shouldn't this value be omitted then?

Is this a bug or is everything working normally, because the information in the jail.local is not the complete configuration?
 
More than 3 years later I allow myself a push post.

- bantime of recidive was set to 604800, but not in the jail.local => still a problem
- horde should be enabled=false or removed, because I do not have this jail in my list as Horde is not installed (it was for 5 minutes, then I switched to Roundcube) => meanwhile solved
- plesk-apache-badbot was set to 1 retry, jail.local does not contain line, so I guess the default of 3 will be the value => still a problem
- Not critical: plesk-postfix has the same maxretry as the default value, shouldn't this value be omitted then? => still a problem, but this time for the ssh jail (meanwhile I set postfix to 2 and this is also visible in the jail.local file); there are other jails with 3 retries which have no value in the file (which seems correctly), so quite a strange behaviour

Any fail2ban experts here? ;)

Also there is another problem with the ssh jail. I want to set it to 2 retries, but then I get banned after only 1 try. So I have to set it to 3 to have 2 retries. What's the logic behind this? In my opinion 2 retries should mean you can type the password incorrectly for 2 times.

Code: 
[ssh]
maxretry = 3
enabled = true
action = iptables-allports[chain="INPUT", name="ssh", protocol="all", returntype="RETURN", lockingopt="-w"]
        sendmail[mailcmd='/usr/sbin/sendmail -f "[email protected]" "[email protected]"', dest="[email protected]", sender="[email protected]", sendername="Fail2Ban", name="ssh"]
 
You must log in or register to reply here.

Similar threads

B
Issue I need help getting setting up a filter for AH01264 in fail2ban
Replies
1
Views
278
Peter Debik
P
J
Resolved Default plesk-wordpress fail2ban doesn't work
Replies
4
Views
1K
Mark_NLD
M
Dave W
Issue fail2ban failed to start: ERROR Failed during configuration: Have not found any log file for plesk-smtp jail
Replies
2
Views
3K
Dave W
Dave W
T
WEB UI - Fail2Ban version 0.11 supports incremental bantime, Plesk UI does not
Replies
9
Views
2K
trialotto
T
M
Resolved transvhosts.pl fails to update apache default DocumentRoot
Replies
16
Views
2K
Peter Debik
P
Back
Top