Articles in this section

See more

Trusted IP is blocked by Fail2Ban

Avatar
Mikhail Shport
Updated
Follow
Plesk for Linux kb: technical ABT: Group A

Applicable to:

  • Plesk Onyx for Linux
  • Plesk for Linux

Symptoms

  • IP address 192.0.2.2 is added into trusted list in Plesk > Tools & Settings > Fail2Ban > Trusted IP addresses. But still, this IP is blocked by Fail2Ban.

  • In /var/log/fail2ban the following messages are shown:

    CONFIG_TEXT: fail2ban.filter [18221]: INFO [any-service] Found 192.0.2.2
    fail2ban.actions [18221]: NOTICE [any-service] Ban 192.0.2.2

  • In /etc/fail2ban/jail.conf and /etc/fail2ban/jail.localthe following lines for some service could be found:

    CONFIG_TEXT: [any-service]
    ...
    ignoreip = 127.0.0.1/8

Cause

Fail2Ban misconfiguration.

As global Fail2Ban configuration is written by Plesk in /etc/fail2ban/jail.local file under [Default] section, it could be overwritten by additional entries for individual services or globally in another file. Additional entries overwrite the original global configuration.

Resolution

  1. Log into the server via SSH;
  2. Delete the additional ignoreip entries in /etc/fail2ban/jail.local and /etc/fail2ban/jail.conf.

Note: in /etc/fail2ban/jail.local "ignoreip" entries should be deleted from all sections except [Default].

Comments

0 comments

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles