• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Issue plesk does Server down?

Sprayy

New Pleskian
Server operating system version
Ubuntu 22.04
Plesk version and microupdate number
18.0.54
Hello together,
im kinda new into ubuntu and Servers. 4 Months ago i got my first one and everything seemed perfect, but today for some reason i couldnt get to the Server UI (login-page) and all my sites are down. Pinging the Server and the websites seems to be working fine. I tried restarting the server multiple times (soft and hard), but it dindnt help.
I didnt change anything, the server just stopped working (it worked in the morning, didnt work when i came back home 7 hours later).
Any help would be appreciated, thanks.
 
Do you find your own access point IP (or the first three octets of it) in /var/log/fail2ban.log?
 
Do you find your own access point IP (or the first three octets of it) in /var/log/fail2ban.log?
I had the same issue when working on WordPress. The server went down and will not be back till I restart the server. my server specification is attached, I'm using Debian 12.7, and only have one website on this server WordPress

1727898843345.png
 
As Peter explained, the "IP Address Banning (Fail2Ban)" feature might be the culprit.

What could have happened is that while you were editing the WordPress website, the "Web Application Firewall (ModSecurity)" may have triggered a false positive. As a result, "IP Address Banning (Fail2Ban)" blocked your IP based on this false positive from the WAF.

You can check the /var/log/fail2ban.log file to see if your remote IP address is listed in the log.

[Also please ensure that all your server IPs are included in the "Trusted IP Addresses" section of "IP Address Banning (Fail2Ban)." as well]
 
As Peter explained, the "IP Address Banning (Fail2Ban)" feature might be the culprit.

What could have happened is that while you were editing the WordPress website, the "Web Application Firewall (ModSecurity)" may have triggered a false positive. As a result, "IP Address Banning (Fail2Ban)" blocked your IP based on this false positive from the WAF.

You can check the /var/log/fail2ban.log file to see if your remote IP address is listed in the log.

[Also please ensure that all your server IPs are included in the "Trusted IP Addresses" section of "IP Address Banning (Fail2Ban)." as well]
I found a banned IP in the log, but that IP is accessing SSH from another country. Could it be plugin access?
 
As Peter explained, the "IP Address Banning (Fail2Ban)" feature might be the culprit.

What could have happened is that while you were editing the WordPress website, the "Web Application Firewall (ModSecurity)" may have triggered a false positive. As a result, "IP Address Banning (Fail2Ban)" blocked your IP based on this false positive from the WAF.

You can check the /var/log/fail2ban.log file to see if your remote IP address is listed in the log.

[Also please ensure that all your server IPs are included in the "Trusted IP Addresses" section of "IP Address Banning (Fail2Ban)." as well]
Mostly goes down when opening the WordPress dashboard, and most of the ban is about SSH, how can we solve this WordPress falling because of ban
 
is this right to solve the issue : as per screenshot, moved WordPress to be excluded rule.


1727931120653.png
 
WordPress is known to generate false positives with ModSecurity.

If it happens again, click on "Error Log File" on the same page and search for ID's.
They look like this: [id "210492"].

Add that number in the "Security rule IDs" field and ModSecurity will ignore it.
 
WordPress is known to generate false positives with ModSecurity.

If it happens again, click on "Error Log File" on the same page and search for ID's.
They look like this: [id "210492"].

Add that number in the "Security rule IDs" field and ModSecurity will ignore it.
thanks for info
 
Back
Top