fail2ban not autostart on ISPConfig 3.2.9p1

Discussion in 'General' started by nelchael81, Aug 13, 2023.

  1. nelchael81

    nelchael81 Member

    I installed ISPConfig 3.2.9p1 on 2 servers and today I realized that fail2ban doesn't start automatically on both. Is it a desired thing?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    This is not related to ISPConfig. Fail2ban is started by systemd and this happens automatically by default. If systemd does not start fail2ban on your system, then you should enable it in systemd.
     
  3. nelchael81

    nelchael81 Member

    In fact I had to manually execute the "update-rc.d fail2ban enable" command, but I expected this to be done automatically during the installation of ISPConfig, which now seems to be all automatic unlike the old versions.
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Which OS did you use? On my systems, installed with the auto-installer, fail2ban starts automatically. The command you used is not needed when installing fail2ban, you can see this also in the old manual install guides. So either your base system was configured differently to require it that services must be enabled manually or fail2ban was already installed and disabled in your base image before you started to install ISPConfig.
     
  5. nelchael81

    nelchael81 Member

    I use Ubuntu 22.04. Soon I will have to create 2 more servers with ISPConfig. I'll check if fail2ban doesn't start automatically in that case too.
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    As I mentioned, it might be related to your Ubuntu base image, so if you use the same base image it might be you have to turn it on again manually on the other servers as well. I've been using a standard base image as shown here https://www.howtoforge.com/ubuntu-22-04-minimal-server/ and there it is not needed to manually turn on services at boot. If you want to turn on auto start if it is turned off on your server, then the correct command for it is the systemd systemctl command:

    systemctl enable fail2ban

    The command update-rc.d was used in the past on init.d based systems. That it still worked on your Ubuntu 22.04 is because Ubuntu has some fallback in place to catch calls of the deprecated command.
     
  7. nelchael81

    nelchael81 Member

    Yesterday I created a new server and I confirm that fail2ban does not start automatically if ISPConfig 3.2.9p1 is installed on the Ubuntu 22.04 base image present on the servers of https://www.hetzner.com/
     
  8. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  9. till

    till Super Moderator Staff Member ISPConfig Developer

    On normal default Ubuntu systems, fail2ban starts automatically, as has been mentioned already. You now know how to enable it correctly using systemd, so there is no issue at all.

    Btw. I have no idea why you install such an old ISPConfig version instead of the recent one. The ISPConfig auto-installer, which is the recommended install method for Ubuntu 22.04 installs the current ISPConfig version 3.2.11 and not 3.2.9p1. So not sure which installation method you used as it can not be the official auto installer when the installed ISPConfig version is 3.2.9p1.
     
  10. Clemente Nogueira

    Clemente Nogueira New Member

    To make the automatic startup of Fail2Ban persistent after each reboot,

    Run: systemctl enable fail2ban

    Since on Ubuntu 22.04, Fail2Ban is disabled by default (unlike earlier versions of Ubuntu):

    # systemctl enable fail2ban

    [...]
    Synchronizing state of fail2ban.service with SysV service script with /lib/systemd/systemd-sysv-install.
    Executing: /lib/systemd/systemd-sysv-install enable fail2ban
    Created symlink /etc/systemd/system/multi-user.target.wants/fail2ban.service → /lib/systemd/system/fail2ban.service.
    [...]
     
  11. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Any documentation that states this?
     
  12. Clemente Nogueira

    Clemente Nogueira New Member

    Yes, I can list a few pages that explain the situation. But mainly since Ubuntu 22.04 disables the Fail2Ban service by default because it's a security tool that is not universally needed for all server setups. So, not all servers face the same level of threat, and enabling Fail2Ban without proper configuration can potentially block legitimate users. To enable Fail2Ban on Ubuntu 22.04, administrators can follow documented guides and configure it according to their security requirements.

    How To Protect SSH with Fail2Ban on Ubuntu 22.04 | DigitalOcean
    How To Protect an Nginx Server with Fail2Ban on Ubuntu 22.04 | DigitalOcean
    How to Protect SSH with Fail2Ban on Ubuntu 22.04
    How to install fail2ban on Ubuntu Server 22.04: Jammy Jellyfish | TechRepublic

    I hope this helps.
     
  13. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Same here with Ubuntu 22.04.3 with ISPConfig 3.2.11. It seems to work fine on mine.

    ISPConfig did install fail2ban via its auto installer and set it up so I don't see any issues. @till already mentioned the command if one needs it:
     
  14. Clemente Nogueira

    Clemente Nogueira New Member

    It's good to know. But in all installs I made, the Fail2Ban system was always inactive. Need to enable it manually. (DO, Linode, AWS, Ubuntu 22.04.3 LTS images)
     
  15. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

     
  16. Clemente Nogueira

    Clemente Nogueira New Member

    Friend, it seems you are making some confusion. I already know that info. If you check, I was answering @Th0m because he asked for it. Not an issue that I have.
     
  17. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Then I see no point of you adding up things already mentioned and clarified earlier.

    If you have problems or want to discuss, you should open a new thread.
     
  18. Clemente Nogueira

    Clemente Nogueira New Member

    Really, you are confused about your role in this. If you read the comments with open eyes you will realize that it was not me who began this conversation, but @Th0m who asked for documentation about Fail2Ban being inactive after install. Don't be impolite in your comments please.
     
  19. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    I am still looking for an official statement of developers/maintainers about this changed behaviour, not just guides that state it has been changed without a source... hmm.
     
  20. schmidtedv

    schmidtedv Member HowtoForge Supporter

    Just because I found this thread: I installed a new Ubuntu 22.0.4-Server with the autoinstaller and fear that it's still an issue?
    Maybe I'm wrong, but I thought, ok, check this out by checking the status for fail2ban this way:
    fail2ban-client status
    which gets me to this message:
    ERROR Failed to access socket path: /var/run/fail2ban/fail2ban.sock. Is fail2ban running?
    Then I began with:
    fail2ban-client start
    fail2ban-client status

    And I get the expected response:
    Status
    |- Number of jail: 4
    `- Jail list: dovecot, postfix-sasl, pure-ftpd, sshd

    fail2ban seems to be activated, there are shortcuts in rc0.d, etc. but seems not to be started automatically...is this a correct behavior? On another server (20.0.4, installed manually) status brings up a result right away...
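
Added example (not part of the thread and not ISPConfig's own code): a boot-persistence audit for the situation discussed above, keeping "enabled at boot" apart from "running now" and checking that the jails from the last post are loaded. The function names, the `--live` flag and the expected-jail list are assumptions of this example; the sample status text is constructed from the output quoted in the thread.

```bash
# Added example: is fail2ban enabled at boot, running now, and are its jails loaded?
# Jails named in the thread's status output; adjust per server (assumption).
EXPECTED_JAILS="dovecot postfix-sasl pure-ftpd sshd"

# Constructed sample, copied from the `fail2ban-client status` output quoted above.
sample_status() {
cat <<'EOF'
Status
|- Number of jail: 4
`- Jail list: dovecot, postfix-sasl, pure-ftpd, sshd
EOF
}

# $1 = output of `systemctl is-enabled fail2ban`, $2 = `systemctl is-active fail2ban`
classify_state() {
    case "$1/$2" in
        enabled/active) echo "ok" ;;
        enabled/*)      echo "enabled-but-not-running" ;;
        */active)       echo "running-but-not-enabled" ;;  # protection ends at next reboot
        *)              echo "disabled-and-stopped" ;;
    esac
}

# stdin = `fail2ban-client status` output; prints one jail name per line.
jail_list() {
    sed -n 's/^.*Jail list:[[:space:]]*//p' | tr ',' '\n' | tr -d '[:blank:]' | sed '/^$/d'
}

# $1 = expected jails (space separated), stdin = status output; prints the missing ones.
missing_jails() {
    loaded_jails=$(jail_list)
    for jail in $1; do
        printf '%s\n' "$loaded_jails" | grep -qxF -- "$jail" || echo "$jail"
    done
}

audit_live() {
    en=$(systemctl is-enabled fail2ban 2>/dev/null)
    ac=$(systemctl is-active fail2ban 2>/dev/null)
    echo "state: $(classify_state "$en" "$ac")"
    if status_out=$(fail2ban-client status 2>/dev/null); then
        printf '%s\n' "$status_out" | missing_jails "$EXPECTED_JAILS" | sed 's/^/missing jail: /'
    else
        echo "fail2ban socket not reachable (server not running)"
    fi
}
if [ "${1:-}" = "--live" ]; then audit_live; else   # default: offline demo on the sample
    echo "state: $(classify_state disabled inactive)"
    sample_status | missing_jails "$EXPECTED_JAILS" | sed 's/^/missing jail: /'
fi
```

Run it with `--live` as root on the server after a reboot; any result other than `state: ok` with no missing jails means the host came up without its configured bans in place.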
     
