• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Fail2Ban Jail 'plesk-modsecurity' started - but ModSecurity not installed

TimReeves

TimReeves

Regular Pleskian
Username:

TITLE

Fail2Ban Jail 'plesk-modsecurity' started - but ModSecurity not installed

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Debian 11.6, Plesk Obsidian 18.0.51, 64bit

PROBLEM DESCRIPTION

I was just monitoring the fail2ban log for other reasons, and I noticed an entry "Jail 'plesk-modsecurity' started".

That was an unpleasant surorise, as ModSecurity is not installed. Because of this, I have no option in the Ples GUI to turn off the jail.

Obviously the jail should not be started when ModSecurity is not installed, but it is.

STEPS TO REPRODUCE

Deinstall ModSecurity (or don't install it at all), start fail2ban and inspect its log.

ACTUAL RESULT

Jail 'plesk-modsecurity' is started

EXPECTED RESULT

Jail 'plesk-modsecurity' should not be started

ANY ADDITIONAL INFORMATION

(DID NOT ANSWER QUESTION)

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
It is an interesting combination, but not a bug, because the jail is just named after ModSecurity, because it scans ModSecurity log files. There no direct connection between jails and a service, only between jails and log files, yet these log files do not have to result from a specific service with the same name. Having such a jail "online" without ModSecurity does not cause any issues, because once the obviously still existant logs from a previous ModSecurity
installation are only parsed once. Further actions are not done if the log file does not change.

Enabling or disabling jail absolutely does not depend on the existance of a service. There is no reason why disabling the jail should not work, even if ModSecurity does not exist. If you cannot disable it through GUI (although I currently lack imagination why what could be and what you see instead) you can always edit /etc/fail2ban/jail.local an disable it there (set active state to "false").
 
You must log in or register to reply here.

Similar threads

M
fail2ban 500 Error
Replies
8
Views
3K
mytoby
M
J
fail2ban: plesk-wordpress jail is to restrictive
Replies
1
Views
6K
Kaspar@Plesk
Kaspar@Plesk
MSZ
Forwarded to devs Fail2ban: how to get Plesk default jails & filters after re-install?
Replies
4
Views
1K
schlegld
S
Bitpalast
Forwarded to devs Update to 18.0.63 #4 removed /etc/fail2ban/jail.local, crashed Fail2Ban
Replies
3
Views
1K
Sebahat.hadzhi
Sebahat.hadzhi
TimReeves
Fail2Ban Jail needed for /var/log/sw-cp-server/error_log
Replies
5
Views
7K
roon
R
Back
Top