Use Fail2Ban on a 1&1 Cloud Server with Plesk

Table of Contents

Introduction

Fail2Ban is an IP address banning system which can protect a server from brute force attacks. Fail2Ban monitors the server's logs for suspicious activity, and watches for repeated login attempts during a short time interval.

For more information about using Fail2Ban on a Plesk server, see the official Plesk documentation.

Note: Fail2Ban is not able to protect against distributed brute force attacks, because it identifies attacks by IP address.

For any 1&1 Cloud Server with Plesk, applications like Fail2Ban should always be installed and managed through the Plesk interface. Follow the instructions in this tutorial to learn how to install and run Fail2Ban on a Plesk server.

Requirements

  • A 1&1 Cloud Server with Plesk 12.5 or better (any operating system)

This tutorial uses the Power User view. You can change the Plesk view by clicking Change View at the bottom of the column on the left.

Install Fail2Ban

Log in to Plesk. In the left navigation bar, click Tools & Settings.

Fail2Ban on Plesk 1

Click Updates and Upgrades.

Fail2Ban on Plesk 2

Click Add/Remove Components.

Fail2Ban on Plesk 3

Click the drop-down menu next to Fail2Ban.

Fail2Ban on Plesk 4

Click Install.

Fail2Ban on Plesk 5

Click Continue.

Fail2Ban on Plesk 6

Fail2Ban will be installed.

Enable Fail2Ban

After installing Fail2Ban, go to Tools & Settings.

Fail2Ban on Plesk 1

Go to Security: IP Address Banning (Fail2Ban).

Fail2Ban on Plesk 7

Select Enable intrusion detection.

Fail2Ban on Plesk 8

If you wish, customize the IP address ban period, time interval for attack detection, or the number of failed logins before an IP address is banned. To activate Fail2Ban, click OK.

Fail2Ban on Plesk 9

Fail2Ban will be activated.

Comments

Tags: Plesk / Security