• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Please beaware of a breaking change in the REST API on the current Plesk release (18.0.62).
    Starting from Plesk Obsidian 18.0.62, requests to REST API containing the Content-Type header with a media-type directive other than “application/json” will result in the HTTP “415 Unsupported Media Type” client error response code. Read more here

Issue Problem tuning fail2ban

S

SalvadorS

Regular Pleskian
Server operating system version
Debian 11
Plesk version and microupdate number
18.0.61
Hello,

I found a very nice article in plesk blog to block badbots with fail2ban. I have problems with ClaudeBot who is hitting the server all the time.

The problem is that I have some problems with the article.

First I edited /etc/fail2ban/filter.d/apache-badbots.conf as requested adding the line:

badbots = ClaudeBot|ClaudeBot/1\.0

As I want to block this bot only (as a test)

and then reload:

fail2ban-client reload plesk-apache-badbots
Click to expand...

But I have an error:

2024-05-30 17:33:30,944 fail2ban [1464544]: ERROR Failed during configuration: No section: 'plesk-apache-badbots'

If you don´t tuch anything (in another server) and reload I received the same error. So it seems is not a problem of the filter...

Also when I test the filter:

fail2ban-regex /var/www/vhosts/domain.com/logs/access_ssl_log /etc/fail2ban/filter.d/apache-badbots.conf
Click to expand...

The result is:

Lines: 7163 lines, 0 ignored, 0 matched, 7163 missed


So no line is checked...

So I can´t block the bot in the server. Any ideas?
 
As I can´t update the post or delete it, this is the new version of it:

Hello,

I found a very nice article in plesk blog to block badbots with fail2ban. I have problems with ClaudeBot who is hitting the server all the time.

The problem is that I have some problems with the article.

First I edited /etc/fail2ban/filter.d/apache-badbots.conf as requested adding the line:

badbots = ClaudeBot|ClaudeBot/1\.0

As I want to block this bot only (as a test)

and then reload:

fail2ban-client reload plesk-apache-badbots
Click to expand...

But I have an error:

2024-05-30 17:33:30,944 fail2ban [1464544]: ERROR Failed during configuration: No section: 'plesk-apache-badbots'

If you don´t tuch anything (in another server) and reload I received the same error.

So I checked again the file /etc/fail2ban/jail.local as the article say and the section in the file is called:

[plesk-apache-badbot]

And not

[plesk-apache-badbots]

(note the s)

So I added the lines under [plesk-apache-badbot] and restart:

fail2ban-client reload plesk-apache-badbot
Click to expand...

Without an s. All ok now (it seems the article have this error), but when I test the filter:

fail2ban-regex /var/www/vhosts/domain.com/logs/access_ssl_log /etc/fail2ban/filter.d/apache-badbots.conf
Click to expand...

The result is:

Lines: 7163 lines, 0 ignored, 0 matched, 7163 missed


So no line is checked...

So I can´t block the bot in the server. Any ideas?
 
Yes, you are right. It's exactly what I did and works!

If someone needs this in the future this is the filter I used to stop the bot:

[Definition]
badbotscustom = EmailCollector|WebEMailExtrac|TrackBack/1\.02|sogou music spider|(?:Mozilla/\d+\.\d+ )?Jorgee
badbots = ClaudeBot|ClaudeBot/1\.0|DataForSeoBot/1\.0|claudebot
failregex = ^(?:\[[^\]]*\] )?<ADDR> [^"]*"[^"]*" \d+ \S+ "[^"]*" "[^"]*(?:%(badbots)s|%(badbotscustom)s)[^"]*"$
ignoreregex =
datepattern = ^[^\[]*\[({DATE})
{^LN-BEG}

I will tune in in the future, but now claudebot is stopped (houndred of IPs....)
 
You must log in or register to reply here.

Similar threads

S
Resolved fail2ban filter apache-badbots "unknown"
Replies
12
Views
1K
JVG
J
J
Issue Default plesk-apache-badbot fail2ban doesn't work
2
Replies
20
Views
1K
Kaspar@Plesk
Kaspar@Plesk
A
Issue Problems with fail2ban
Replies
1
Views
277
Kaspar@Plesk
Kaspar@Plesk
B
Issue I need help getting setting up a filter for AH01264 in fail2ban
Replies
1
Views
342
Peter Debik
P
M
Question fail2ban, can I ban visitors with no user agent?
Replies
1
Views
138
Kaspar@Plesk
Kaspar@Plesk
Back
Top