• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue How to enable fail2ban for fellow other admins using the restricted mode?

M

MHC_1

Basic Pleskian
Server operating system version
Almalinux 9.2
Plesk version and microupdate number
18
How to set that other admin level Plesk users are able to also set and unblock IPs on the fail2ban system?

I can set/clear IP Blocks when logged in as the primary admin, but other admins have a fail2ban button on their log in but the button only goes to a "permission denied" screen.

The "restricted mode" documentation (as with most plesk documentation) is extremely poor and doesn't intuitively show how to do this.

Various Plesk settings such as allowing IP stuff on the Restricted Mode control are enabled, which seems logical, but no ability for fellow admins to access FAil2ban.

How do we fix this?
 
Hello, @MHC_1 . Could you please double-check in Tools & Settings > Restricted Mode Settings > Administrative Tools if you have "Server settings" enabled? If enabled, the additional admin accounts should be able to access Fail2Ban and manage IP bans. As for the linked UserVoice request, ability to enable/disable Fail2ban management access on a per-admin account basis hasn't been introduced yet.
 
@Sebahat.hadzhi thank you that has resolved it. What does the option "Server Settings" actually specifically enable ?

Is there any documentation to show what actual things each of the options on the Restricted Mode settings choices actually effects? I would have found this button if it had a subtitle outlining all the aspects it relates to.
 
This is sort of a workaround to enable Fail2ban as the functionality is not natively supported. The setting also controls the following:
  • Web Application Firewall (ModSecurity)
  • Restrict Creation of Subzones
  • Prohibited Domain Names
  • Server Settings
  • Customize Plesk URL
  • Server Statistics Settings
I do not believe the public documentation covers that or the rest of the available settings in restricted mode. I will double-check with our team if documenting every individual setting is possible.
 
You must log in or register to reply here.

Similar threads

H
Question SSH user can see other subdomain directories even with chrooted shell?
Replies
3
Views
489
Raul A.
R
E
Additional Admin in Restricted Mode doesn't want WP Toolkit Notifications
Replies
1
Views
3K
Kaspar
K
O
Question How to fine-tune Fail2Ban? (filters, jails, settings, Nginx, blocklists, badips sync, IPv6)
Replies
12
Views
6K
IgorG
IgorG
E
How to Set up Your WordPress Website Security
Replies
0
Views
2K
Elvis Plesky
E
I
Using Elastic Stack for Data Analysis and XenForo for Forums
Replies
0
Views
3K
igubaidullin
I
Back
Top