Articles in this section

See more

Trusted IP is blocked by Fail2Ban

Avatar
Alexander Nezymaev
Updated
Follow

Applicable to:

  • Plesk for Linux

Symptoms

IP address 192.0.2.2 is added into trusted list in Plesk > Tools & Settings > Fail2Ban > Trusted IP addresses. But still, this IP is blocked by Fail2Ban. 

  • In /var/log/fail2ban the following messages are shown:
fail2ban.filter [18221]: INFO [any-service] Found 192.0.2.2

fail2ban.actions [18221]: NOTICE [any-service] Ban 192.0.2.2
  • In /etc/fail2ban/jail.conf the following lines could be found:
...
[DEFAULT]
...
ignoreip = 127.0.0.1/8
...
[any-service]
...
ignoreip = 127.0.0.1/8
  • In /etc/fail2ban/jail.local the following lines could be found:
[any-service]
...
ignoreip = 127.0.0.1/8

Cause

Fail2Ban misconfiguration.

As global Fail2Ban configuration is written by Plesk in /etc/fail2ban/jail.local file under [Default] section, it could be overwritten by additional entries for individual services or globally in another file. So when additional entry is written it overwrites the original global configuration.

Resolution

  1. Log into the server via SSH.
  2. Delete the additional ignoreip entries in /etc/fail2ban/jail.local and /etc/fail2ban/jail.conf.

Note: in /etc/fail2ban/jail.local " ignoreip" entries should be deleted in any section except [Default].

Comments

0 comments

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles