Applicable to:
- Plesk Onyx for Linux
- Plesk for Linux
Symptoms
-
IP address 192.0.2.2 is added into trusted list in Plesk > Tools & Settings > Fail2Ban > Trusted IP addresses. But still, this IP is blocked by Fail2Ban.
-
In
/var/log/fail2ban
the following messages are shown:CONFIG_TEXT: fail2ban.filter [18221]: INFO [any-service] Found 192.0.2.2
fail2ban.actions [18221]: NOTICE [any-service] Ban 192.0.2.2 -
In
/etc/fail2ban/jail.conf
and/etc/fail2ban/jail.local
the following lines for some service could be found:CONFIG_TEXT: [any-service]
...
ignoreip = 127.0.0.1/8
Cause
Fail2Ban misconfiguration.
As global Fail2Ban configuration is written by Plesk in /etc/fail2ban/jail.local
file under [Default]
section, it could be overwritten by additional entries for individual services or globally in another file. Additional entries overwrite the original global configuration.
Resolution
- Log into the server via SSH;
- Delete the additional
ignoreip
entries in/etc/fail2ban/jail.local
and/etc/fail2ban/jail.conf
.
Note: in /etc/fail2ban/jail.local
"ignoreip"
entries should be deleted from all sections except [Default]
.
Comments
0 comments
Please sign in to leave a comment.