Fail2ban named-refused jail not working resolution at arm’s length with these troubleshooting tips by our experts.
At Bobcares, we offer solutions for every query, big and small, as a part of our Server Management Services.
Let’s take a look at how our Support Team helped our customers when Fail2ban named-refused jail not working.
How to fix: Fail2ban named-refused jail not working
Are you having trouble with fail2ban recently? One of our customers faced an issue where a jail called “named-refused” exists. Additionally, although the banned IPs make their way to the fail2ban.log file, these IPs are not actually blocked. Interestingly, the root cause behind this error is a missing expression in the named-denied filter to block IP.
Our Support Techs put together a solution to resolve the issue. It involves adding the following filter to the filter:
failregex = ^(?:view (?:internal|external): )?query(?: \(cache\))?
and commenting out the earlier rule “failregex = denied”. This will probably resolve the named-refused jail not working issue.
If the above solution does not help, our Support Techs have one more ace up their sleeve.
- To begin with, check the fail2ban service is currently running without error by restarting it with the following command:
systemctl restart fail2ban.service
- Next, verify the jails are enabled with this command:
fail2ban-client status
This command will return the number of jails. If it returns 0, we have to enable the correct jails by going to jail.local file.
For instance,
# # SSH servers # [sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal enabled = true mode = aggressive port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s
Let us know which troubleshooting tip helped resolved the Fail2ban named-refused jail not working issue at your end.
[Need assistance with a different issue? We are available 24/7.]
Conclusion
In a nutshell, our skilled Support Engineers at Bobcares demonstrated two ways to solve Fail2ban named-refused jail not working issue.
PREVENT YOUR SERVER FROM CRASHING!
Never again lose customers to poor server speed! Let us help you.
Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.
0 Comments