ip_ban: IP Address Banning (Fail2Ban)
The ip_ban utility allows managing IP addresse banning (Fail2Ban).
With this utility you can perform the following operations:
- View and update IP address banning (Fail2Ban) settings
- View the list of trusted IP addresses, add and remove IP addresses to the list of trusted IP addresses
- View the list of banned IP addresses and unban IP addresses
Usage
ip_ban <command>
Example
The following command sets the IP address ban period to 120 seconds, the time interval for detection of subsequent attacks to 120 seconds, and the number of failures before the IP address is banned to 3:
plesk bin ip_ban --update -ban_period 120 -ban_time_window 120 -max_retries 3
Commands
| Command | Parameter | Description | Example |
|---|---|---|---|
--enable |
Enable IP address banning. |
To enable IP address banning: plesk bin ip_ban --enable |
|
--disable |
Disable IP address banning. |
To disable IP address banning: plesk bin ip_ban --disable |
|
--update or -u
|
Updates IP address banning (Fail2Ban) settings. |
To set the IP address ban period to 120 seconds, the time interval for detection of subsequent attacks to 120 seconds, and the number of failures before the IP address is banned to 3: plesk bin ip_ban --update -ban_period 120 -ban_time_window 120 -max_retries 3 or plesk bin ip_ban -u -ban_period 120 -ban_time_window 120 -max_retries 3 |
|
--info or -i |
Shows IP address banning (Fail2Ban) settings. |
To view IP address banning (Fail2Ban) settings: plesk bin ip_ban --info or plesk bin ip_ban -i |
|
--trusted or -t |
Shows the list of trusted IP addresses. |
To view the list of trusted IP addresses: plesk bin ip_ban --trusted or plesk bin ip_ban -t |
|
--add-trusted |
<ip>[;<ip>,...] |
Adds IP addresses to the list of trusted addresses. |
To add the 10.0.0.1 IP address to the list of trusted IP addresses: plesk bin ip_ban --add-trusted 10.0.0.1 |
--remove-trusted |
<ip>[;<ip>,...] |
Removes IP addresses from the list of trusted addresses. |
To remove the 10.0.0.1 IP address from the list of trusted IP addresses: plesk bin ip_ban --remove-trusted 10.0.0.1 |
--banned or -b
|
Shows the list of banned IP addresses. |
To view the list of banned IP addresses: plesk bin ip_ban --banned or plesk bin ip_ban -b |
|
--unban |
<ip>,<jail>[;<ip>,<jail>...] |
Unbans IP addresses. |
To unban the 10.0.0.1 IP address caught by the ssh jail: plesk bin ip_ban --unban 10.0.0.1,ssh |
--jails or -j |
Displays the list of jails. |
To see the list of available jails: plesk bin ip_ban -j |
|
--enable-jails |
<name>[;<name>;...] |
Enables the selected jails. |
To enable the jail named testjail: plesk bin ip_ban --enable-jails testjail |
--disable-jails |
<name>[;<name>;...] |
Disables the selected jails. |
To disable the jail named testjail: plesk bin ip_ban --disable-jails testjail |
--help or -h
|
Displays help on the use of the utility. |
To view help on the use of this utility: plesk bin ip_ban --help or plesk bin ip_ban -h |
Options
| Option | Parameter | Description | Example |
|---|---|---|---|
-ban_period |
<number> |
Specifies the IP address ban period in seconds. Used with the |
To set the IP address ban period to 120 seconds, the time interval for detection of subsequent attacks to 120 seconds, and the number of failures before the IP address is banned to 3: plesk bin ip_ban --update -ban_period 120 -ban_time_window 120 -max_retries 3 |
-ban_time_window |
<number> |
Specifies the time interval for detection of subsequent attacks in seconds. Used with the |
|
-max_retries |
<number> |
Specifies the number of failures before the IP address is banned. Used with the |