• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Resolved IP Address Banning

Zardiw

Zardiw

Basic Pleskian
This part of Plesk Onyx is really screwed up.

After adding an IP to the Trusted Zone, it spins forever.......never comes back with a verification

THEN, after going somewhere else in the control panel, and coming back to IP Address Banning,
It Spins again and never brings it up again.

Maybe after some hours it will come back.....

z
 
Even if you log out and log in again.....subsequent attempts to access IP Address Banning result in THIS:

504 Gateway Time-out
nginx
 
This is caused by log files that are "too large" or by too many log files that fail2ban needs to scan. I recommend to limit the log file size to 10 MB max. Specifically watch your general access_log and error_log files that are not associated with a virtual host, but are the main web server log files. These can grow fast and way beyond good. It might help to disable the general Apache and Bad Bot jails.

If you have many domains on a server, split the Apache, bad bot and Wordpress jails into 26 jails named A through Z for each type of analysis. This will keep each process small and enable fail2ban to manage many domains.

I suggest, too, to look into kb.plesk.com, keyword "fail2ban". There are many articles on different fail2ban situations.
 
And wouldn't it make more sense for fail2ban to scan only the parts it hasn't scanned since last time it scanned?

z
 
I don't use fail2ban as I am writing that kind of stuff myself.
I've always used logtail for that....
It will skip the parts of the logs it has scanned already.

I would assume the writers of fail2ban do the same (using logtail or their own implementation).
 
Mr. Wolf.........Thank you.

Could you by any chance offer code for fail2ban to ban 404 errors?

z
 
You must log in or register to reply here.

Similar threads

P
Resolved Suspicious IP address in the list
Replies
2
Views
624
Patashoow
P
carlsson
Issue Really strange problem – I can't use my SMTP server intermittently
Replies
2
Views
281
carlsson
carlsson
learning_curve
Resolved Plesk - The Mysterious Location Of Plesk's Official IP Addresses / CIDR Addresses
Replies
13
Views
1K
learning_curve
learning_curve
michaeljoseph01
Question Imunify360 or fail2ban PLEASE give me your input
Replies
6
Views
2K
The 8th
The 8th
Quinten
Issue Cannot remove local IP
Replies
4
Views
738
Quinten
Quinten
Back
Top