Resolved IP Address Banning not active

[NITROFOX]

Server operating system version

AlmaLinux 8.8

Plesk version and microupdate number

18.0.56

Hi all,

I'm trying to enable IP Address Banning, Fail2ban, but it doesn't work, I get a green message saying it was active, but a refresh shows that it wasn't active and the option to enable it reappears.


Thanks

 

[Maarten.]

Have you checked the log files for errors?

# tail -f /var/log/fail2ban.log
# tail -f /var/log/plesk/panel.log

 

[NITROFOX]

Have you checked the log files for errors?

# tail -f /var/log/fail2ban.log
# tail -f /var/log/plesk/panel.log

Yes,

fail2ban.log is empty
panel.log no problems


In Log Browser

Execution status has failed with exit code 3, stdout: ● fail2ban.service - Fail2Ban Service
Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/fail2ban.service.d
└─50-ensure-log.conf
Active: failed (Result: exit-code) since Tue 2023-11-21 13:48:45 WET; 2h 3min ago
Docs: man:fail2ban(1)
Process: 632957 ExecStart=/usr/bin/fail2ban-server -xf start (code=exited, status=255)
Process: 632953 ExecStartPre=/bin/sh -c umask 077; touch /var/log/fail2ban.log; restorecon /var/log/fail2ban.log >/dev/null 2>&1 (code=exited, status=0/SUCCESS)
Process: 632951 ExecStartPre=/bin/mkdir -p /run/fail2ban (code=exited, status=0/SUCCESS)
Main PID: 632957 (code=exited, status=255)

Nov 21 13:48:45 ipserver systemd[1]: Starting Fail2Ban Service...
Nov 21 13:48:45 ipserver systemd[1]: Started Fail2Ban Service.
Nov 21 13:48:45 ipserver fail2ban-server[632957]: 2023-11-21 13:48:45,601 fail2ban.configreader [632957]: WARNING 'allowipv6' not defined in 'Definition'. Using default one: 'auto'
Nov 21 13:48:45 ipserver fail2ban-server[632957]: 2023-11-21 13:48:45,616 fail2ban [632957]: ERROR Failed during configuration: Have not found any log file for ssh jail
Nov 21 13:48:45 ipserver fail2ban-server[632957]: 2023-11-21 13:48:45,617 fail2ban [632957]: ERROR Async configuration of server failed
Nov 21 13:48:45 ipserver systemd[1]: fail2ban.service: Main process exited, code=exited, status=255/n/a
Nov 21 13:48:45 ipserver systemd[1]: fail2ban.service: Failed with result 'exit-code'.
, stderr:

 

[Peter Debik]

ERROR Failed during configuration: Have not found any log file for ssh jail

Disable the ssh jail, then restart Fail2Ban again. Afterwards, try to check which log is set for the ssh jail (/etc/fail2ban/jail.local has that info in the ssh jail section) and why nothing is logged.

 

[NITROFOX]

Disable the ssh jail, then restart Fail2Ban again. Afterwards, try to check which log is set for the ssh jail (/etc/fail2ban/jail.local has that info in the ssh jail section) and why nothing is logged.

Not working, but I disabe plesk-proftpd, and now is working.

If I try active plesk-proftpd, get this error:

Unable to switch on the selected jails: f2bmng failed: 2023-11-21 22:17:17,458 fail2ban.configreader [5685]: WARNING 'allowipv6' not defined in 'Definition'. Using default one: 'auto'
2023-11-21 22:17:17,460 fail2ban [5685]: ERROR Failed during configuration: Have not found any log file for plesk-proftpd jail
ERROR:__main__:Command '['/usr/bin/fail2ban-client', 'reload', '--if-exists', 'plesk-proftpd']' returned non-zero exit status 255.
ERROR:__main__:Failed to reload following jails due to errors in configuration: plesk-proftpd.

Edit...


Is Fixed now, just change in settings for "/var/log/secure"

https://support.plesk.com/hc/en-us/articles/13302778816663-Fail2Ban-fails-to-start-on-Plesk-for-Linux-server-Could-not-enable-jails-Failed-during-configuration-Have-not-found-any-log-file-for-ssh-jail