Applicable to:
- Plesk 12.5 for Linux
Note: This article has the reference to the issue with the fix available:
- #PPPM-4692 "Fail2Ban hung when trying to monitor log files after restarting a server with many websites."
Fixed in:- Plesk Onyx 17.5.3 23 March 2017 (Linux)
Symptoms
After enabling a jail, the Fail2Ban service can't be restarted or stopped.
The service status is shown incorrectly, without the jails list:
# service fail2ban status
fail2ban-server (pid 3291) is running
/var/log/fail2ban.log
shows that the service stopped when adding log files to its monitoring pool:
fail2ban.filter [25047]: INFO Added logfile = /var/www/vhosts/system/example.com/logs/proxy_access_log
fail2ban.filter [25047]: INFO Added logfile = /var/www/vhosts/system/example.com/logs/proxy_access_ssl_log
The following errors may appear in
/var/log/fail2ban.log
:
fail2ban.action [1130]: ERROR iptables -D INPUT -p tcp -m multiport --dports http,https,7080,7081 -j f2b-BadBots iptables -F f2b-BadBots iptables -X f2b-BadBots -- stdout: ''
fail2ban.action [1130]: ERROR iptables -D INPUT -p tcp -m multiport --dports http,https,7080,7081 -j f2b-BadBots iptables -F f2b-BadBots iptables -X f2b-BadBots -- stderr: 'iptables: Too many links.\n'
fail2ban.actions [2497]: ERROR Failed to stop jail 'plesk-wordpress' action 'iptables-multiport': Error stopping action
Cause
This is Plesk bug with ID #PPPM-4692 . It was fixed in Plesk Onyx 17.5.3 , and a fix for Plesk 12.5 will be included in one of the next updates. Debian/Ubuntu distros are not affected to the problem, as they use pyinotify as a monitoring backend.
Resolution
Upgrade to the latest Plesk version.
As a workaround, manually edit the file
/usr/lib/pythonX.X/dist-packages/fail2ban/server/database.py
(where X.X is a Python version). The lines to add are marked with '+' sign:
cur = self._db.cursor()
cur.execute("PRAGMA foreign_keys = ON;")
+ cur.execute("PRAGMA synchronous = OFF;")
+ cur.execute("PRAGMA journal_mode = MEMORY;")
try:
cur.execute("SELECT version FROM fail2banDb LIMIT 1")
Comments
0 comments
Please sign in to leave a comment.