Knowledge Base

Fail2Ban iptables rules can be erased sometimes by disabling Plesk Firewall

Symptoms

When Fail2Ban is enabled and has already banned some IP addresses, its rules in iptables can be removed when Plesk Firewall is disabled.

Cause

Plesk bug PPPM-9399 that is planned to be fixed in future updates.

Resolution

Until the bug is fixed, use the workaround:

Connect to the server using SSH.
Open the file /etc/init.d/psa-firewall for editing and modify it as follows:
- Before:
  
  if "$emergency"; then
  echo "$SERVICE_NAME: firewall successfully disabled"
  exit 0
  else
  echo "$SERVICE_NAME: failed to disable firewall"
  exit 1
  fi
- After:
  
  if "$emergency"; then
  echo "$SERVICE_NAME: firewall successfully disabled"
  
  if [ "active" == `/bin/systemctl is-active fail2ban.service` ] ; then
  echo "$SERVICE_NAME: fail2ban will restart now."
  systemctl restart fail2ban.service &
  else
  echo "$SERVICE_NAME: fail2ban is not active and will not be restarted."
  fi
  exit 0
  
  else
  echo "$SERVICE_NAME: failed to disable firewall"
  exit 1
  fi

Note: After this modification, Fail2Ban service will be restarted on Plesk firewall disable action.

Related Posts

WordPress Firewall – Why Do You Need One?

Using Fail2ban to Secure Your Server

Wordfence vs Sucuri – WordPress Security Plugins Comparison

Knowledge Base

Warnings during system updates on a Plesk server with Ubuntu 22.04: Key is stored in legacy trusted.gpg keyring

Unable to open Updates & Upgrades on Plesk for Linux: ERR_CONNECTION_TIMED_OUT

Unable to change the type of an IP address in Plesk for Windows Server: Cannot connect to the task manager (plesk-task-manager service might not be running)

Images from WordPress website hosted on Plesk server are not available on third-party resource: Stop! This image was hotlinked

Hosting Wiki