• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Resolved Unable to create nextcloud jail with fail2ban

Z

Zoo3

Regular Pleskian
I use fail2ban and even more so, I use Nextcloud. I've been failing to start fail2ban since NC became version 18.
If I remove the Nextcloud item from fail2ban's jail on PLESK UI, fail2ban will start fine. I add Nextcloud to jail and it fails. I tried to set up jail.conf and filter.conf of people who can start fail2ban with NC18 in my conf respectively.

Previously, nextcloud Jail was inactive on the Plesk UI. When I set up a new conf file and restarted fail2ban(systemctl restart fail2ban), it changed to "active" on the Plesk UI. But when I look at the status(systemctl status fail2ban), fail2ban is failing.

```
● fail2ban.service - Fail2Ban Service
Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/fail2ban.service.d
└─50-ensure-log.conf
Active: failed (Result: exit-code) since TIME; 3s ago
Docs: man:fail2ban(1)
Process: 10680 ExecStart=/usr/bin/fail2ban-server -xf start (code=exited, status=255)
Process: 10675 ExecStartPre=/bin/sh -c umask 077; touch /var/log/fail2ban.log; restorecon /var/log/fail2ban.log >/dev/null 2>&1 (code=exited, status=0/SUCCESS)
Process: 10673 ExecStartPre=/bin/mkdir -p /var/run/fail2ban (code=exited, status=0/SUCCESS)
Main PID: 10680 (code=exited, status=255)

AAAAAAAA systemd[1]: Started Fail2Ban Service.
AAAAAAAA fail2ban-server[10680]: TIME:41,546 fail2ban [10680]: ERROR Failed during configuration: Bad value substitution:
AAAAAAAA fail2ban-server[10680]: section: [nextcloud]
AAAAAAAA fail2ban-server[10680]: option : action
AAAAAAAA fail2ban-server[10680]: key : action_mwl
AAAAAAAA fail2ban-server[10680]: rawval :
AAAAAAAA fail2ban-server[10680]: TIME:41,551 fail2ban [10680]: ERROR Async configuration of server failed
AAAAAAAA systemd[1]: fail2ban.service: main process exited, code=exited, status=255/n/a
AAAAAAAA systemd[1]: Unit fail2ban.service entered failed state.
AAAAAAAA systemd[1]: fail2ban.service failed.

```

Below is a log of fail2ban.
```
fail2ban.server [16054]: INFO --------------------------------------------------
fail2ban.server [16054]: INFO Starting Fail2ban v0.10.3.fix1
fail2ban.database [16054]: INFO Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
fail2ban.server [16054]: INFO Shutdown in progress...
fail2ban.server [16054]: INFO Stopping all jails
fail2ban.database [16054]: INFO Connection to database closed.
fail2ban.server [16054]: INFO Exiting Fail2ban
```

I have tried reinstalling fail2ban, which is featured in Plesk's Knowledge. But it was not resolved.
There is no menu to set the "filter" in fail2ban on Plesk. How do I get fail2ban to start successfully?

Does Plesk have Plesk's own fail2ban in it? I didn't have to install FAIL2BAN in YUM, did I?
 
The filters required by Nextcloud are as follows
```
[Definition]
failregex = ^{“reqId”:".",“remoteAddr”:".",“app”:“core”,“message”:“Login failed: '.’ (Remote IP: ‘’)",“level”:2,“time”:".”}$
^{“reqId”:".",“level”:2,“time”:".",“remoteAddr”:".",“app”:“core”.",“message”:"Login failed: '.’ (Remote IP: ‘’)".}$
ignoreregex =
```

I gave up editing in SSH and tried to create filters only via SSH and jail in Plesk.
Then the following error is output.

```
f2bmng failed: TIME fail2ban [903]: ERROR NOK: ('No failure-id group in \'^{\xe2\x80\x9creqId\xe2\x80\x9d:".",\xe2\x80\x9cremoteAddr\xe2\x80\x9d:".",\xe2\x80\x9capp\xe2\x80\x9d:\xe2\x80\x9ccore\xe2\x80\x9d,\xe2\x80\x9cmessage\xe2\x80\x9d:\xe2\x80\x9cLogin failed: \'.\xe2\x80\x99 (Remote IP: \xe2\x80\x98\xe2\x80\x99)",\xe2\x80\x9clevel\xe2\x80\x9d:2,\xe2\x80\x9ctime\xe2\x80\x9d:".\xe2\x80\x9d}$\'',)
ERROR:__main__:Command '['/usr/bin/fail2ban-client', 'reload', '--if-exists', 'nextcloud']' returned non-zero exit status 255
ERROR:__main__:Failed to reload following jails due to errors in configuration: nextcloud
```

I then tried to select an existing filter. Then the following error is output.
```
f2bmng failed: TIME fail2ban [2366]: ERROR NOK: (13, 'Permission denied')
ERROR:__main__:Command '['/usr/bin/fail2ban-client', 'reload', '--if-exists', 'nextcloud']' returned non-zero exit status 255
ERROR:__main__:Failed to reload following jails due to errors in configuration: nextcloud
```
 
This was caused by SELinux.
I disabled SELinux, then reinstalled the "selinux-policy" association, then enabled SELinux. Then I was able to start fail2ban successfully.
 
You must log in or register to reply here.

Similar threads

A
Issue Problems with fail2ban
Replies
1
Views
130
Kaspar@Plesk
Kaspar@Plesk
S
Resolved Error 500 Plesk\Exception\Database DB query failed: SQLSTATE[HY000] [2002] No such file or directory
Replies
10
Views
548
Shasam
S
F
Question Mariadb down after update Plesk /var 100% full
Replies
8
Views
413
flieg4bei
F
A
Resolved Cant install Plesk Email Security (FREE VERSION)
Replies
1
Views
640
alexk345
A
Polli
Issue plesk-ext-monitoring-hcd.service & systemd-quotacheck.service failed
2
Replies
21
Views
1K
jlocana
jlocana
Back
Top