Fail2Ban is an intrusion prevention software framework that protects computer servers from brute-force attacks. It is used to block IP addresses that have multiple failed login attempts. On a Plesk server, you can manually block an IP address using Fail2Ban. Here's how:
-
Log in to your Plesk server with root or administrator privileges.
-
Open a terminal or SSH session.
-
First, ensure that Fail2Ban is running by executing the following command:
systemctl status fail2banIf it's not running, start it with:
systemctl start fail2ban -
To manually block an IP address, use the following command, replacing
<IP_ADDRESS>with the actual IP address you want to block, and<JAIL_NAME>with the appropriate jail name (e.g., 'plesk-panel', 'plesk-proftpd', 'plesk-dovecot'):fail2ban-client set <JAIL_NAME> banip <IP_ADDRESS>For example, to block the IP address 192.168.1.1 from accessing the Plesk panel, use:
fail2ban-client set plesk-panel banip 192.168.1.1 -
Verify that the IP address is blocked by checking the list of banned IPs for the specified jail:
fail2ban-client status <JAIL_NAME> -
If you want to unban the IP address in the future, use the following command, replacing
<IP_ADDRESS>and<JAIL_NAME>with the appropriate values:fail2ban-client set <JAIL_NAME> unbanip <IP_ADDRESS>
These steps will help you manually block and unblock IP addresses using Fail2Ban on a Plesk server.
