Resolved IP Address Banning

[Zardiw]

This part of Plesk Onyx is really screwed up.

After adding an IP to the Trusted Zone, it spins forever.......never comes back with a verification

THEN, after going somewhere else in the control panel, and coming back to IP Address Banning,
It Spins again and never brings it up again.

Maybe after some hours it will come back.....

z

 

[Zardiw]

Even if you log out and log in again.....subsequent attempts to access IP Address Banning result in THIS:

504 Gateway Time-out
nginx

 

[Bitpalast]

This is caused by log files that are "too large" or by too many log files that fail2ban needs to scan. I recommend to limit the log file size to 10 MB max. Specifically watch your general access_log and error_log files that are not associated with a virtual host, but are the main web server log files. These can grow fast and way beyond good. It might help to disable the general Apache and Bad Bot jails.

If you have many domains on a server, split the Apache, bad bot and Wordpress jails into 26 jails named A through Z for each type of analysis. This will keep each process small and enable fail2ban to manage many domains.

I suggest, too, to look into kb.plesk.com, keyword "fail2ban". There are many articles on different fail2ban situations.

 

[Zardiw]

I have looked but cannot find where to limit log files.

 

[Zardiw]

And wouldn't it make more sense for fail2ban to scan only the parts it hasn't scanned since last time it scanned?

z

 

[mr-wolf]

I don't use fail2ban as I am writing that kind of stuff myself.
I've always used logtail for that....
It will skip the parts of the logs it has scanned already.

I would assume the writers of fail2ban do the same (using logtail or their own implementation).

 

[Zardiw]

Mr. Wolf.........Thank you.

Could you by any chance offer code for fail2ban to ban 404 errors?

z