• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Fail2ban - plesk says jail is enabled, but it isn't

finbarr69

Basic Pleskian
I was wondering why my plesk-dovecot jail was not having any effect (hackers locking up the webmail with excessive failed logins). Looking at Plesk in the admin interface for fail2ban, it showed as enabled (green tick), but when I look at /etc/fail2ban/jail.d/plesk.conf it shows as enabled=false (all the plesk "enabled" jails do).

I tried to turn it off and on and got these warnings in the Plesk admin page:
Error: Unable to switch off the jail: f2bmng failed: WARNING 'syslogsocket' not defined in 'Definition'. Using default one: 'auto'
WARNING 'dbfile' not defined in 'Definition'. Using default one: '/var/lib/fail2ban/fail2ban.sqlite3'
WARNING 'dbpurgeage' not defined in 'Definition'. Using default one: 86400
ERROR NOK: ('Invalid log level',)
ERROR:f2bmng:Command '['/usr/bin/fail2ban-client', 'reload']' returned non-zero exit status 255
ERROR:f2bmng:Failed to reload following jails due to errors in configuration

Then I tried from the command line to restart fail2ban and got:
Starting fail2ban: WARNING 'syslogsocket' not defined in 'Definition'. Using default one: 'auto'
WARNING 'dbfile' not defined in 'Definition'. Using default one: '/var/lib/fail2ban/fail2ban.sqlite3'
WARNING 'dbpurgeage' not defined in 'Definition'. Using default one: 86400
ERROR NOK: ('Invalid log level',)

So, what's the best thing to get this all working again? I don't mind re-installing fail2ban if that's the easiest solution. I just want it to really work without it pretending it is working. ;-)

Thanks

Brian
 
Hi finbarr69,

actually, you already see the suggestions and resolutions in the warnings:

WARNING 'syslogsocket' not defined in 'Definition'. Using default one: 'auto'
You didn't define a "syslogsocket" in the specific jail - configuration and the standard setting from "fail2ban.conf" is used. Well, this WARNING is harmless, because it just tells you, that you should use a "syslogsocket" setting in every jail.

WARNING 'dbfile' not defined in 'Definition'. Using default one: '/var/lib/fail2ban/fail2ban.sqlite3'
You didn't define a "dbfile" in the specific jail - configuration and the standard setting from "fail2ban.conf" is used. Well, this WARNING is harmless, because it just tells you, that you should use a "dbfile" setting in every jail.

WARNING 'dbpurgeage' not defined in 'Definition'. Using default one: 86400
You didn't define a "dbpurgeage" in the specific jail - configuration and the standard setting from "fail2ban.conf" is used. Well, this WARNING is harmless, because it just tells you, that you should use a "dbpurgeage" setting in every jail.


BUT:
ERROR NOK: ('Invalid log level',)
... will result in a non-functional Fail2Ban and therefore the service will not start/restart or reload. Please see "fail2ban.conf" for possible log - level definitions and correct your misconfiguration.
Code:
[Definition]

# Option: loglevel
# Notes.: Set the log level output.
#         CRITICAL
#         ERROR
#         WARNING
#         NOTICE
#         INFO
#         DEBUG
# Values: [ LEVEL ]  Default: ERROR
#
loglevel = ERROR
 
Thank you for your kind reply. However, I thought this was supposed to work out of the box and would have expected the fail2ban.conf to have already been set up appropriately by Plesk.

Can you advise how to simply remove fail2ban and install it again with all the default plesk rules? I'm happy to set things up again from there. :)
 
Hi finbarr69,

the fail2ban - extension does indeed work "out of box", but if your installation is corrupted, or if you modified jails or configuration files, then you have to "repair" that.

  • Make a backup:
mkdir /etc/fail2ban.backup && cp /etc/fail2ban /etc/fail2ban.backup
  • afterwards to remove Fail2Ban:
/usr/local/psa/admin/bin/autoinstaller --select-product-id plesk --select-release-current --reinstall-patch --remove-component fail2ban

... make sure, that the folder "/etc/fail2ban" was removed as well during the removing - process.
  • afterwards to re-install Fail2Ban:
/usr/local/psa/admin/bin/autoinstaller --select-product-id plesk --select-release-current --reinstall-patch --install-component fail2ban
 
Same problem here, even after your mentioned steps I'm still getting the this error messages...

Code:
[[errorJailNotDisabled]]

Code:
Die ausgewählten Jails können nicht eingeschaltet werden: f2bmng failed: WARNING 'syslogsocket' not defined in 'Definition'. Using default one: 'auto'
WARNING 'dbfile' not defined in 'Definition'. Using default one: '/var/lib/fail2ban/fail2ban.sqlite3'
WARNING 'dbpurgeage' not defined in 'Definition'. Using default one: 86400
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR:f2bmng:Command '['/usr/bin/fail2ban-client', 'reload']' returned non-zero exit status 255
ERROR:f2bmng:Failed to reload following jails due to errors in configuration

I've tried to activate the "plesk-panel" jail. I don't know what's wrong... :-(
 
Hi bergkuh,

ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
this states clear, that you used a setting, with no action, or set an option, which is not supported for your Fail2Ban - version.

If you wish further investigations, please post your current OS, your used Fail2Ban - version and include all configuration files, jails and actions.
 
Hi UFHH01,

If you wish further investigations, please post your current OS, your used Fail2Ban - version and include all configuration files, jails and actions.

I'm running Fail2ban v0.8.13 installed via Plesk 12.0.18 on CentOS 7...
 
Last edited by a moderator:
Hi bergkuh,

please have a look at your files on your own, i.e.: "jail.conf" or/and "jail.local". As you can see, your jails are set to "false" ( in both files ) and are not configured ( in "jail.local" ).

An example for a configured jail:
Code:
[plesk-panel]
enabled = true
action = iptables-multiport[name="plesk-login", port="8880,8443"]
filter = plesk-panel
logpath = /var/log/plesk/panel.log
findtime = 43200
bantime = 86400
maxretry = 5

You are able to configure your jails over the Plesk Control Panel: Tools & Settings > IP Address Banning
 
I've activated the jails by hand in both files. But if I want to deactivate "recidive" via Plesk I get the following error:

Code:
Die ausgewählten Jails können nicht ausgeschaltet werden: f2bmng failed: WARNING 'syslogsocket' not defined in 'Definition'. Using default one: 'auto'
WARNING 'dbfile' not defined in 'Definition'. Using default one: '/var/lib/fail2ban/fail2ban.sqlite3'
WARNING 'dbpurgeage' not defined in 'Definition'. Using default one: 86400
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: (2, 'No such file or directory')
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR:f2bmng:Command '['/usr/bin/fail2ban-client', 'reload']' returned non-zero exit status 255
ERROR:f2bmng:Failed to reload following jails due to errors in configuration

But the jail is deactivated correctly.
 
If I try to reanable the same jail via the Plesk interface:

Code:
[[errorJailNotDisabled]]
Code:
Die ausgewählten Jails können nicht eingeschaltet werden: f2bmng failed: WARNING 'syslogsocket' not defined in 'Definition'. Using default one: 'auto'
WARNING 'dbfile' not defined in 'Definition'. Using default one: '/var/lib/fail2ban/fail2ban.sqlite3'
WARNING 'dbpurgeage' not defined in 'Definition'. Using default one: 86400
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR NOK: ('Invalid command (no set action or not yet implemented)',)
ERROR:f2bmng:Command '['/usr/bin/fail2ban-client', 'reload']' returned non-zero exit status 255
ERROR:f2bmng:Failed to reload following jails due to errors in configuration
.

The jail is still deactivated.
 
In my fail2ban.conf - GitHub - the options for syslogsocket, dbfile and dbpurgeage are missing:

Code:
WARNING 'syslogsocket' not defined in 'Definition'. Using default one: 'auto'
WARNING 'dbfile' not defined in 'Definition'. Using default one: '/var/lib/fail2ban/fail2ban.sqlite3'
WARNING 'dbpurgeage' not defined in 'Definition'. Using default one: 86400

Maybe someone can send me a "correct" fail2ban.conf to check if something is missing in mine.

EDIT: Hmmm... Watchdog is saying that fail2ban isn't configured in Plesk but the jails are marked active...
 
Last edited by a moderator:
@UFHH01 many grateful thanks for your instructions. I tweaked the backup command as it didn't work. So I used:

cd /etc
cp -rp fail2ban fail2ban.backup


After un-installing, the fail2ban directory still had some remnants, so I did
rm -rf fail2ban

Then I did the re-install and it fixed everything with the exception of the log file which I had to add by hand by editing /etc/fail2ban/fail2ban.conf and making the following changes:

#logtarget = SYSLOG
logtarget = /var/log/fail2ban.log


(comment out logtarget=syslog and add the next line).

This makes the log file visible from the Plesk Fail2ban interface. Not quite sure why I had to add that, you'd expect Plesk to have configured that already - probably a wee bug, but there you are. :)

@bergkuh have a look at https://github.com/fail2ban/fail2ban/blob/master/config/fail2ban.conf

Warmest regards :) ,

Brian
 
I've no idea how but fail2ban is running... But my fail2ban.log is about 90MB because of different warnings... So how can I run the flushlogs command? Or should I just remove the log and another one will by created by fail2ban? Thanks for your help!!!
 
Hi bergkuh,

please consider to use logrotate for Fail2Ban as well. You might find it usefull to read: "http://www.fail2ban.org/wiki/index.php/MANUAL_0_8"

It is not recommended to delete the log, because you will loose informations about previous banned IPs, which makes the "recidive" - jail useless. Instead you would use logrotate and define a specific size, or rotate on a daily/weekly basis.
 
Back
Top