Fail2Ban Rules can be erased by Plesk Firewall sometimes

Follow

Comments

2 comments

  • Avatar
    Julian Aubertin

    In my Opinion, the psa-firewall script needs to restart fail2ban when called, but only when fail2ban is active. This can be done by editing the /etcinit.d/psa-firewall skript like:

    after emergency=....

    insert:

    fail2ban_restart () {
    if [ "active" == `/bin/systemctl is-active fail2ban.service` ] ; then
    echo "$SERVICE_NAME: fail2ban will restart now."
    systemctl restart fail2ban.service &
    else
    echo "$SERVICE_NAME: fail2ban is not active and will not be restarted."
    fi
    }

    fail2ban_restart checks if fail2ban is active and restarts ist when detected. You then need to call the function in the start, stop and restart section after the echo statements.

    In Ubuntu 16 fail2ban stores the bans in a DB so no ban will be lost. I assume it does also in other systems.

    0
    Comment actions Permalink
  • Avatar
    Pavel Rozental

    Hello Julian,

    Thank you for provided information.

    I have passed it to our developers. They will consider this solution.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request