• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved Unable to create nextcloud jail with fail2ban

Z

Zoo3

Regular Pleskian
I use fail2ban and even more so, I use Nextcloud. I've been failing to start fail2ban since NC became version 18.
If I remove the Nextcloud item from fail2ban's jail on PLESK UI, fail2ban will start fine. I add Nextcloud to jail and it fails. I tried to set up jail.conf and filter.conf of people who can start fail2ban with NC18 in my conf respectively.

Previously, nextcloud Jail was inactive on the Plesk UI. When I set up a new conf file and restarted fail2ban(systemctl restart fail2ban), it changed to "active" on the Plesk UI. But when I look at the status(systemctl status fail2ban), fail2ban is failing.

```
● fail2ban.service - Fail2Ban Service
Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/fail2ban.service.d
└─50-ensure-log.conf
Active: failed (Result: exit-code) since TIME; 3s ago
Docs: man:fail2ban(1)
Process: 10680 ExecStart=/usr/bin/fail2ban-server -xf start (code=exited, status=255)
Process: 10675 ExecStartPre=/bin/sh -c umask 077; touch /var/log/fail2ban.log; restorecon /var/log/fail2ban.log >/dev/null 2>&1 (code=exited, status=0/SUCCESS)
Process: 10673 ExecStartPre=/bin/mkdir -p /var/run/fail2ban (code=exited, status=0/SUCCESS)
Main PID: 10680 (code=exited, status=255)

AAAAAAAA systemd[1]: Started Fail2Ban Service.
AAAAAAAA fail2ban-server[10680]: TIME:41,546 fail2ban [10680]: ERROR Failed during configuration: Bad value substitution:
AAAAAAAA fail2ban-server[10680]: section: [nextcloud]
AAAAAAAA fail2ban-server[10680]: option : action
AAAAAAAA fail2ban-server[10680]: key : action_mwl
AAAAAAAA fail2ban-server[10680]: rawval :
AAAAAAAA fail2ban-server[10680]: TIME:41,551 fail2ban [10680]: ERROR Async configuration of server failed
AAAAAAAA systemd[1]: fail2ban.service: main process exited, code=exited, status=255/n/a
AAAAAAAA systemd[1]: Unit fail2ban.service entered failed state.
AAAAAAAA systemd[1]: fail2ban.service failed.

```

Below is a log of fail2ban.
```
fail2ban.server [16054]: INFO --------------------------------------------------
fail2ban.server [16054]: INFO Starting Fail2ban v0.10.3.fix1
fail2ban.database [16054]: INFO Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
fail2ban.server [16054]: INFO Shutdown in progress...
fail2ban.server [16054]: INFO Stopping all jails
fail2ban.database [16054]: INFO Connection to database closed.
fail2ban.server [16054]: INFO Exiting Fail2ban
```

I have tried reinstalling fail2ban, which is featured in Plesk's Knowledge. But it was not resolved.
There is no menu to set the "filter" in fail2ban on Plesk. How do I get fail2ban to start successfully?

Does Plesk have Plesk's own fail2ban in it? I didn't have to install FAIL2BAN in YUM, did I?
 
The filters required by Nextcloud are as follows
```
[Definition]
failregex = ^{“reqId”:".",“remoteAddr”:".",“app”:“core”,“message”:“Login failed: '.’ (Remote IP: ‘’)",“level”:2,“time”:".”}$
^{“reqId”:".",“level”:2,“time”:".",“remoteAddr”:".",“app”:“core”.",“message”:"Login failed: '.’ (Remote IP: ‘’)".}$
ignoreregex =
```

I gave up editing in SSH and tried to create filters only via SSH and jail in Plesk.
Then the following error is output.

```
f2bmng failed: TIME fail2ban [903]: ERROR NOK: ('No failure-id group in \'^{\xe2\x80\x9creqId\xe2\x80\x9d:".",\xe2\x80\x9cremoteAddr\xe2\x80\x9d:".",\xe2\x80\x9capp\xe2\x80\x9d:\xe2\x80\x9ccore\xe2\x80\x9d,\xe2\x80\x9cmessage\xe2\x80\x9d:\xe2\x80\x9cLogin failed: \'.\xe2\x80\x99 (Remote IP: \xe2\x80\x98\xe2\x80\x99)",\xe2\x80\x9clevel\xe2\x80\x9d:2,\xe2\x80\x9ctime\xe2\x80\x9d:".\xe2\x80\x9d}$\'',)
ERROR:__main__:Command '['/usr/bin/fail2ban-client', 'reload', '--if-exists', 'nextcloud']' returned non-zero exit status 255
ERROR:__main__:Failed to reload following jails due to errors in configuration: nextcloud
```

I then tried to select an existing filter. Then the following error is output.
```
f2bmng failed: TIME fail2ban [2366]: ERROR NOK: (13, 'Permission denied')
ERROR:__main__:Command '['/usr/bin/fail2ban-client', 'reload', '--if-exists', 'nextcloud']' returned non-zero exit status 255
ERROR:__main__:Failed to reload following jails due to errors in configuration: nextcloud
```
 
This was caused by SELinux.
I disabled SELinux, then reinstalled the "selinux-policy" association, then enabled SELinux. Then I was able to start fail2ban successfully.
 
You must log in or register to reply here.

Similar threads

K
Resolved Ubuntu 24.04 - Fail2ban not working
Replies
2
Views
2K
Kaspar@Plesk
Kaspar@Plesk
A
Issue Problems with fail2ban
Replies
1
Views
688
Kaspar@Plesk
Kaspar@Plesk
P
run-parts: /etc/cron.weekly/fail2ban-vacuum exited with return code 5
Replies
2
Views
481
PixelOnline
P
iWiLL
Issue dist-upgrade Ubuntu 18.04 to Ubuntu 20.04 mySQL FAIL
Replies
2
Views
575
Mikhail_S
Mikhail_S
S
Resolved Error 500 Plesk\Exception\Database DB query failed: SQLSTATE[HY000] [2002] No such file or directory
Replies
10
Views
2K
Shasam
S
Back
Top