Forwarded to devs "IP Address Banning" empty after change rule sets in ModSecurity

[Azurel]

User name: Azurel

TITLE

"IP Address Banning" empty after change rule sets in ModSecurity

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Obsidian 18.0.26, CentOS 7.7

PROBLEM DESCRIPTION

I changed for testing from atomic (free) to comodo rule set. After this, all IPs in "IP Address Banning" were deleted.

If that is indeed the case, there is still a mistake in it. Because even IPs from self-created jails that have nothing to do with the rule set will be deleted.

STEPS TO REPRODUCE

Change rule set for ModSecurity

You need entries in "IP Address Banning"

ACTUAL RESULT

After Change Rule set all banned IPs were deleted

EXPECTED RESULT

1. IPs should not be deleted
or
2. IPs from own created custom jails should not be deleted

ANY ADDITIONAL INFORMATION



YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug

 

[IgorG]

From developer:

Can't reproduce the problem.
Only one jail can be cleaned by this STR - 'plesk-modsecurity'

Note: default time to clean banned IP Adress from jail is 600 seconds
verify 'IP address ban period' param in your custom/other jail
you may set 'IP address ban period' = '-1' to disable remove IP from Banned IP Address

Also, you may check logs by:

IP Address Banning > Logs

2020-04-30 13:16:31,715 fail2ban.actions [11596]: NOTICE [<JAIL-NAME>] Unban <IP_ADDRESS>