• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

fail2ban - Unable to disable

hardbrasil

hardbrasil

Regular Pleskian
fail2ban - Unable to disable [Solved]

Hello fellas,

i setup and enable fail2ban by Plesk 12 (tools and settings)

what happens is, few days after i am unable to access this option again. I got time out

i'v tried to disable by ssh "fail2ban-client stop" and nothing...
the command become loading and never conclude,

-----
how to remove or stop fail2ban ?
 
Last edited:
Like the original poster, I have had unsatisfying results with Fail2Ban. I have it running on two other systems but they only have less than 50 domains. On the server with nearly 150 domains, I can no longer get the "home" page in the panel. Nor will the Fail2Ban page come up from the Tools & Setting menu. I've tried Igor's suggestion at the command line and it never comes back. This evening I noticed that the webstats haven't been processed since August 11th which just happens to be when I turned it on; and I have to wonder if that's somehow related. Before I just reboot the server, are there any other suggestions?
 
Last edited:
You might have forgotten to define some exclusions for fail2ban, for example 127.0.0.1 ( localhost ) and your server - IPs.
You can set it over Plesk ... or directly on your server in the "jail.local" configuration file located at /etc/fail2ban/*. The setting for some exclusions are defined as followed:
Code: 
ignoreip = 127.0.0.1/8 XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
...while XXX.XXX.XXX.XXX are your server - IPs or some additional IPs, which should be ignored by fail2ban, because you trust them.

The "stop" suggestion from IgorG will completly stop fail2ban. If you didn't configure automatic restarts for the fail2ban service, it will be stopped upon your next server restart. Optional you can try to restart the fail2ban service with "service fail2ban start" ( or "/etc/init.d/fail2ban start" ) and if you just want a restart of fail2ban then please use "service fail2ban restart" ( or "/etc/init.d/fail2ban restart" ).

To SacAutos:
Keep in mind, that fail2ban sets the iptable - rules based on your settings in your configured jails. The standard jail - rule is mostly the general bantime from the pre-configured jail.conf and is defined for 600 seconds. After this time fail2ban will delete the specific ban untill fail2ban identifies another IP defined by the jail - rules. You should always consider to configure the jail - rule "recidive" as well, because returning bad IPs should be banned for a longer period than 600 seconds. A well working "recidive" jail would look like this:
Code: 
[recidive]

enabled  = true
filter   = recidive
logpath  = /var/log/fail2ban.log
	/var/log/IF_YOU_HAVE_LOGROTATE_DEFINED_TO_ROTATE_FAIL2BAN-LOGS_YOU_CAN_ADD_ANOTHER_PATH_FOR_PREVIOUS_LOGS_HERE*
action   = iptables-allports[name=recidive]
bantime  = 604800  ; 1 week
findtime = 604800  ; 1 day
maxretry = 5

Sometimes it is a good idea to flush all iptables to get rid of bad entries, or entries which should have been removed by fail2ban, but just resist a delete request for what ever reason. The command for this option is "iptables -F" ( or iptables --flush ). Please restart fail2ban with "service fail2ban restart" ( or "/etc/init.d/fail2ban restart" ), because after flushing the whole iptables, the conditions for fail2ban need to be re-defined!

Even if you have 500-and more domains on your server, it doesn't mean that you have thousands of actual fail2ban - rule - breakers. ^^
 
IgorG said:
Just run

# /etc/init.d/fail2ban stop
Click to expand...

I am unable to stop with this command, become loading and nothing...

like SacAutos said i have the same issue. Blank page on home and time out if i try to access fail2ban

ps: i have 140 domains on this server
 
I wound up killing the process with a kill -KILL command as it would not go quietly into the dead of night. For now I have left it disabled so the automation can catch up. Like my other servers, I did nothing to configure it other than simply turn everything on. Frustrating...
 
Hi fellas,
here is the code to kill all fail2ban

ps -ef (to list all process)
ps -ef | grep fail2ban (to list all fail2ban process)

kill `ps ax|grep fail2ban|grep -v grep|awk '{print $1}'`
kill `ps ax|grep f2bmng|grep -v grep|awk '{print $1}'`
Click to expand...
 
You must log in or register to reply here.

Similar threads

D
Sudden problem with themes
Replies
1
Views
5K
rohan3
R
michaeljoseph01
Question Imunify360 or fail2ban PLEASE give me your input
Replies
6
Views
2K
The 8th
The 8th
claxman
Issue Anacron job 'cron.daily' on server.domain (Fail2Ban Automatic Closing Problem)
Replies
17
Views
2K
Hiljo_Lodewijk
H
M
Issue New domains view very slow and confusing
Replies
1
Views
512
Peter Debik
P
M
Issue Can't open Port 25. Please help
Replies
2
Views
397
mhogue
M
Back
Top