Managing IP Address Banning (Fail2Ban)
Plesk version: Plesk 12.0 - Plesk Onyx 17.5
XML API version: 184.108.40.206 - 220.127.116.11
Plesk user: Plesk Administrator
The ip-ban operator is used to configure protection from brute force attacks, which is provided by the Fail2Ban software. It is available only on Linux servers.
Fail2Ban uses regular expressions to monitor log files for patterns corresponding to authentication failures and other errors that are considered suspicious. If an IP address makes too many login attempts within a time interval defined by the administrator, this IP address is banned for a certain period of time. Fail2Ban can also update firewall rules and send email notifications. When the ban period is over, the IP address is automatically unbanned.
Note: You can also retrieve information about the current state of the Fail2Ban service by means of the server get operation, and start, stop, or restart the service by using the server srv_man operation.