• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Create a Jails Fail2ban for SSH with a different port.

WhiteTiger

WhiteTiger

Basic Pleskian
Server operating system version
Ubuntu 22.04.1 LTS
Plesk version and microupdate number
18.0.50
Access via SSH has been configured with a different port than 22.
How can I create a Fail2ban Jail to monitor it?
Can I copy the one for SSH and edit it?
 
EDIT: fail2ban monitors the log entries in /var/log/secure for failed SSH connectings, no matter which port is used for SSH. However you'll need to adjust the action for the SSH jail to actually block incoming traffic on your custom SSH port.

In Plesk go to Tools & Settings > IP Address Banning (Fail2Ban). Click the Jails tab, then click the SSH link from the list. Click the Change settings button, and change the port number defined for the action. Like example below.
Code: 
action = iptables[name=SSH, port=12345, protocol=tcp]
 
Last edited:
Check if you have a /etc/fail2ban/jail.local and if there is a [ssh] section.
Add an extra line where you define the new port:

[ssh]
enabled = true
port = 999

Restart fail2ban after you've changed the file and check the /var/log/fail2ban.log if it works.
 
The Jail for SSH port 22 I would like to keep in case I need to use this port (which is currently closed by the firewall).
 
In that case change the action of the existing SSH jail to something like:
Code: 
action = iptables-multiport[name="ssh", port="22,1234"]
(replace the 1234 to the actual custom port number you're using).
 
You can just edit the current ssh jail to add:

Code: 
iptables[name=SSH, port=12345, protocol=tcp]

raw
 
You must log in or register to reply here.

Similar threads

serreri
Issue Redundant error after changing ssh port with plesk extension - SSH Terminal - 1.3.8-111
Replies
1
Views
494
Vladimir C.
V
F
Issue No data displayed in Monitoring extension anymore after modifying the Panel access port
Replies
6
Views
534
frg62
F
M
Issue Opening SSH Terminal in Plesk fails
Replies
9
Views
450
alvarezcruz
alvarezcruz
M
Resolved SSH type seems disallowed on migration from WHM to Plesk
Replies
1
Views
217
MHC_1
M
brother4
Question Why isn't xmlrpc.php monitored by the WordPress jail in Fail2Ban?
Replies
8
Views
2K
Maarten
M
Back
Top