Ubuntu 24.04 Monit unable to restart fail2ban

Discussion in 'Server Operation' started by concept21, Aug 27, 2024.

  1. concept21

    concept21 Active Member

    Hello Friends,
    I have a successful clean installation of ISPConfig 3.2.12 on an Ubuntu 24.04.
    As you know, there is default fail2ban support for Monit.

    However, when I tested Monit by stopping fail2ban, Monit failed to start fail2ban.
    Here is my procedure.
    sudo monit -t
    ok
    sudo monit summary
    fail2ban ok
    fail2ban_log ok

    Then, I stopped fail2ban by running:
    sudo systemctl stop fail2ban.service

    I checked monit again. It still thought that fail2ban was running!!! :eek:
    sudo monit summary
    fail2ban ok
    fail2ban_log ok

    sudo systemctl status fail2ban.service
    Dead (inactive)

    So what is your experience and your solution? :(
     
    Last edited: Aug 27, 2024
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    How long did you wait after stopping fail2ban?
    It takes several minutes before monit checks if the service is OK.
     
  3. concept21

    concept21 Active Member

    In file /etc/monit/monitrc.d/fail2ban, correct this line as:
    start program = "/etc/init.d/fail2ban start"

    Then, reload monit. :cool:
     
  4. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Monit was recently reported as having a problem with the php-fpm socket due to ownership, but this is new though.

    Last time I checked, fail2ban worked fine with that.

    I am not at my PC, but can you check whether it may be because it needs to use systemd instead, like a systemctl command in its place?
     
  5. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    On Ubuntu 24.04, services should be started and stopped with systemctl commands, not that init.d script. The system may get messed up if these are mixed.
     
  6. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    I have checked my Ubuntu 24.04 servers and the new one should no longer use init.d, so you may delete /etc/monit/monitrc.d/fail2ban. The latest one should be placed in /etc/monit/conf-enabled (by default they are not linked to conf-available, though the best approach is to symlink to that, as a symlink saves storage and avoids unnecessary redundancy).

    Code:
    check process fail2ban with pidfile /var/run/fail2ban/fail2ban.pid
            group fail2ban
            start program = "/usr/bin/systemctl start fail2ban" with timeout 60 seconds
            stop program = "/usr/bin/systemctl stop fail2ban"
            if failed unixsocket /var/run/fail2ban/fail2ban.sock then restart
            if 5 restarts within 5 cycles then timeout
            if 5 restarts within 5 cycles then alert
    
    check file fail2ban_log with path /var/log/fail2ban.log
            group fail2ban
            if match "ERROR|WARNING" then alert
    
     
  7. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    I was the one who found the problem with the php-fpm sockets and monit on Ubuntu 24.04.
    I've not had any problems with fail2ban monitoring using 24.04. I've just tested it, stopping the service, and monit noticed the failure and restarted the service without problems.

    That said, on a new install... it looks like monit is set to run service checks every 2 minutes by default... Of course, you might have changed the default, or even set a specific interval period for that check in that service's own config file. So, depending on what interval settings you have, and monit possibly completing a service check just before you stopped fail2ban, you could have to wait several minutes for monit to recheck that service.
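
An added example, not part of any post in this thread: a small audit that reads Monit configuration and reports, for each check, how many seconds pass between checks (`set daemon` multiplied by any `every N cycles`) and whether its start program still calls an init.d script or uses systemctl. The check names and the values in `sample_config` are constructed; the 120-second cycle mirrors the 2-minute default mentioned above.

```shell
#!/bin/sh
# Added example (not from the thread). All names and values in
# sample_config are constructed for illustration.

sample_config() {
cat <<'EOF'
set daemon 120
check process fail2ban_initd with pidfile /var/run/fail2ban/fail2ban.pid
    start program = "/etc/init.d/fail2ban start"
    stop program = "/etc/init.d/fail2ban stop"
check process fail2ban_systemd with pidfile /var/run/fail2ban/fail2ban.pid
    every 2 cycles
    start program = "/usr/bin/systemctl start fail2ban" with timeout 60 seconds
    stop program = "/usr/bin/systemctl stop fail2ban"
check file fail2ban_log with path /var/log/fail2ban.log
    if match "ERROR|WARNING" then alert
EOF
}

# audit_monit [FILE...]: reads Monit config (stdin if no files) and prints
#   <check> <type> <seconds between checks of it> <start method>
audit_monit() {
    awk '
    function save() {
        if (name == "") return
        n++; nm[n] = name; kd[n] = kind; ev[n] = every; hw[n] = how
    }
    /^[ \t]*#/ { next }                                   # skip comments
    $1 == "set" && $2 == "daemon" { poll = $3 + 0; next } # global poll cycle
    $1 == "check" { save(); kind = $2; name = $3; every = 1; how = "none"; next }
    name == "" { next }
    $1 == "every" && $3 ~ /^cycles?$/ { every = $2 + 0 }  # per-check slowdown
    $1 == "start" && $2 == "program" {
        if ($0 ~ /\/etc\/init\.d\//) how = "initd"
        else if ($0 ~ /systemctl/)   how = "systemctl"
        else                         how = "other"
    }
    END {
        save()   # the interval is resolved here so "set daemon" may come last
        for (i = 1; i <= n; i++)
            print nm[i], kd[i], (poll ? poll * ev[i] : "?"), hw[i]
    }' "$@"
}

sample_config | audit_monit
```

On a real host the function can be given the main monitrc together with the included files, for example `audit_monit /etc/monit/monitrc /etc/monit/conf-enabled/*`; a `?` in the third column means no `set daemon` line was found in the files supplied.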
     
