Protection Against Brute Force Attacks (Fail2Ban)

IP address banning (Fail2Ban) is an automated way to protect your server from brute force attacks. Fail2Ban uses regular expressions to monitor log files for patterns corresponding to authentication failures and other errors that are considered suspicious.

If an IP address makes too many login attempts within a time interval defined by the administrator, this IP address is banned for a certain period of time. Fail2Ban can also update firewall rules and send email notifications. When the ban period is over, the IP address is automatically unbanned.

Note: To use Fail2Ban, administrators who upgrade from Plesk 11.5 must obtain a new Plesk 12.5 license key either directly from Plesk or from their vendor.

To set up Plesk to automatically ban IP addresses and networks that generate malicious traffic:

  1. Go to Tools & Settings > IP Address Banning (Fail2Ban) (in the Security group). The Fail2Ban component has to be installed on your server.
  2. Select the Enable intrusion detection checkbox.
  3. Specify the following settings:
  4. Click OK.

Now all active Fail2Ban jails will be used to monitor the log files and to ban suspicious IP addresses.

IP_Address_Banning

Fail2Ban in Plesk has the following limitations and peculiarities:

If an IP address should not be blocked:

  1. Go to Tools & Settings > IP Address Banning (Fail2Ban) > Trusted IP Addresses > Add Trusted IP.
  2. In the IP address field, provide an IP address, an IP range, or a DNS host name, and click OK.

You can view and download Fail2Ban log files in Tools & Settings > IP Address Banning (Fail2Ban) > the Logs tab.

You can view the list of banned IP addresses, unban them, or move them to the list of trusted addresses in Tools & Settings > IP Address Banning (Fail2Ban) > the Banned IP Addresses tab.

You can view the list of IP addresses that will never be banned, add IP addresses to and remove from this list in Tools & Settings > IP Address Banning (Fail2Ban) > the Trusted IP Addresses tab.

Next in this section:

Fail2Ban Jails Management