andreios
Regular Pleskian
- Server operating system version
- Ubuntu 22.04
- Plesk version and microupdate number
- 18.0.60
In the default plesk-wordpress jail it looks for /var/www/vhosts/system/*/logs/*access*log.processed. But in my system there was basically nothing in these processed log files. I don't know if it is because I'm only using nginx (proxy off) for all WordPress Hosts. I changed it to /var/www/vhosts/system/*/logs/*access*log
But after I change this, I noticed that fail2ban did not react properly to a brute force attack I was watching in at that time, it created some kind of ban but in iptbles the IP was not visible, so the attack continued unhindered because the address was not blocked. However, it appeared on the list of blocked IPs in fail2ban. Only a restart of fail2ban and the deletion of the incorrectly blocked IP entry caused fail2ban to create a correct entry and the attack was blocked.
But after I change this, I noticed that fail2ban did not react properly to a brute force attack I was watching in at that time, it created some kind of ban but in iptbles the IP was not visible, so the attack continued unhindered because the address was not blocked. However, it appeared on the list of blocked IPs in fail2ban. Only a restart of fail2ban and the deletion of the incorrectly blocked IP entry caused fail2ban to create a correct entry and the attack was blocked.