• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:
    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Issue Plesk not showing correct IPs in error logs and is blocking cloudflare IPs in fail 2 ban resulting in server going down.

S

sulabhpuri

New Pleskian
Server operating system version
Plesk Obsidian v18.0.65_build1800241122.08 os_Ubuntu 22.04
Plesk version and microupdate number
v18.0.65
Hi,
We are facing error 521, when Plesk tries to connect to Cloudflare.
Fail2Ban keeps auto-banning all Cloudflare IPs resulting in the server going down. To bring it back up we have to unban the iPS.

Also, Plesk is not showing the correct IPs in the error logs.
it logs Cloudflare iPS and not the origin/original IPS from where the error request originated.

We have tried - https://support.plesk.com/hc/en-us/...lare-CDN-proxy-or-Google-Cloud-Load-Balancing

and IP Addresses Management

But nothing seems to work.

We are on DO and use Cloudflare.

Please help.

Thanks.
 
Adding Cloudflare IP ranges will enabled unlimied brute forcing against the server. The cause for blacking Cloudflare IPs is that attacks are coming through these IPs. When you whitelist them, you'll enable attackers to bypass Fail2Ban. Cloudflare is good for DDoS protection (in a limited way), but it has been causing issues for Fail2Ban not blocking the IP of the origin, but the IP of the requestor (Cloudflare) for months.
 
Bitpalast said:
Adding Cloudflare IP ranges will enabled unlimied brute forcing against the server. The cause for blacking Cloudflare IPs is that attacks are coming through these IPs. When you whitelist them, you'll enable attackers to bypass Fail2Ban. Cloudflare is good for DDoS protection (in a limited way), but it has been causing issues for Fail2Ban not blocking the IP of the origin, but the IP of the requestor (Cloudflare) for months.
Click to expand...
Yes, that is what I was thinking, Putting the CF IP range will just enable them.

Should I put Multi-Factor Authentication (MFA) on? Will that help?

 
You must log in or register to reply here.

Similar threads

B
Issue High latency, unreliable performance & 522 errors on a Plesk server that ran fine for 6+ months
Replies
8
Views
620
HHawk
HHawk
K
Resolved Plesk Panel Log and Cloudflare - log doesn't show Real IP
Replies
7
Views
3K
Katog Choling
K
raykai
Issue Help needed with restoring users IP when coming from Cloudflare, Provided Doc script not working for me.
Replies
3
Views
1K
ChristophRo
ChristophRo
raykai
Issue Fail2ban not correctly banning IPs from users passing through Cloudflare even if real visitor's IPs are blocked by Fail2ban.
Replies
2
Views
3K
raykai
raykai
D
Issue Incorrect logging of IP from Plesk Windows under Reverse Proxy
Replies
7
Views
5K
dairuru
D
Back
Top