VestaCP - Fail2Ban & iptables problem

[HarberCandelario]

Hello there 🙂 thanks for the wonderful guides!
I have a vps in hetzner with Centos 7.7 and I am facing a huge problem!
The datacenter of hetzner is infested with bots and my server is getting hammer by bots that are trying to hack my server.
Luckily i'm using ssh key and not password but still i see in the logs gazillions attempts to login as root. Anyway, my problem is that fail2ban doesn't work correctly and restarts constantly the iptables which in turn blocks all access to my mail server!
If i turn off the fail2ban, iptables works very good and I can use my mail server normally, when I turn the fail2ban on, iptables is constantly on 0 minutes up time and I can't connect to my email server.
All other services seems to work correct, only mail server seems to be affected but then again i see billions of attempts to connect to it without any of those accounts existing or whatsapp gb
My config for fail2ban:
[repeat-iptables]
enabled = true
filter = repeat-offender
action = vesta-repeat[name=REPEAT]
logpath = /var/log/fail2ban.log

If 3 bans in 24 hours, ban for a month
bantime = 2592000
findtime = 86400
maxretry = 1

[ssh-iptables]
enabled = true
filter = sshd
action = vesta[name=SSH]
logpath = /var/log/secure
maxretry = 1

[vsftpd-iptables]
enabled = true
filter = vsftpd
action = vesta[name=FTP]
logpath = /var/log/vsftpd.log
maxretry = 1

[exim-iptables]
enabled = true
filter = exim
action = vesta[name=MAIL]
logpath = /var/log/exim/main.log
maxretry = 1

[dovecot-iptables]
enabled = true
filter = dovecot
action = vesta[name=MAIL]
logpath = /var/log/dovecot.log
maxretry = 1

[mysqld-iptables]
enabled = false
filter = mysqld-auth
action = vesta[name=DB]
logpath = /var/log/mysqld.log
maxretry = 1

[vesta-iptables]
enabled = true
filter = vesta
action = vesta[name=VESTA]
logpath = /var/log/vesta/auth.log
maxretry = 1

[recidive]
enabled = true
logpath = /var/log/fail2ban.log
port = all
protocol = all
bantime = 2592000 ; 30 days
findtime = 864000 ; 1 day
maxretry = 1

#[roundcube-auth]
#enabled = true
#action = vesta[name=WEB]
#logpath = /var/log/roundcubemail/errors.log
#maxretry = 1

[shown]

Hello there 🙂 thanks for the wonderful guides!
I have a vps in hetzner with Centos 7.7 and I am facing a huge problem!
The datacenter of hetzner is infested with bots and my server is getting hammer by bots that are trying to hack my server.
Luckily i'm using ssh key and not password but still i see in the logs gazillions attempts to login as root. Anyway, my problem is that fail2ban doesn't work correctly and restarts constantly the iptables which in turn blocks all access to my mail server!
If i turn off the fail2ban, iptables works very good and I can use my mail server normally, when I turn the fail2ban on, iptables is constantly on 0 minutes up time and I can't connect to my email server.
All other services seems to work correct, only mail server seems to be affected but then again i see billions of attempts to connect to it without any of those accounts existing or whatsapp gb
My config for fail2ban:
[repeat-iptables]
enabled = true
filter = repeat-offender
action = vesta-repeat[name=REPEAT]
logpath = /var/log/fail2ban.log

If 3 bans in 24 hours, ban for a month
bantime = 2592000
findtime = 86400
maxretry = 1

[ssh-iptables]
enabled = true
filter = sshd
action = vesta[name=SSH]
logpath = /var/log/secure
maxretry = 1

[vsftpd-iptables]
enabled = true
filter = vsftpd
action = vesta[name=FTP]
logpath = /var/log/vsftpd.log
maxretry = 1

[exim-iptables]
enabled = true
filter = exim
action = vesta[name=MAIL]
logpath = /var/log/exim/main.log
maxretry = 1

[dovecot-iptables]
enabled = true
filter = dovecot
action = vesta[name=MAIL]
logpath = /var/log/dovecot.log
maxretry = 1

[mysqld-iptables]
enabled = false
filter = mysqld-auth
action = vesta[name=DB]
logpath = /var/log/mysqld.log
maxretry = 1

[vesta-iptables]
enabled = true
filter = vesta
action = vesta[name=VESTA]
logpath = /var/log/vesta/auth.log
maxretry = 1

[recidive]
enabled = true
logpath = /var/log/fail2ban.log
port = all
protocol = all
bantime = 2592000 ; 30 days
findtime = 864000 ; 1 day
maxretry = 1

#[roundcube-auth]
#enabled = true
#action = vesta[name=WEB]
#logpath = /var/log/roundcubemail/errors.log
#maxretry = 1

I had the same issue.
Installed vestacp on a new centos 7 machine, and missing:

action.d/vesta.conf
filter.d/vesta.conf
jail.local

Also, Memory Usage graph is not working in the admin.

[Martinlutherz]

This information has been quite fruitful as I have applied on GB whatsapp Pro APK on my iphone 12 pro and I got my work done in few minutes.

[jiggy927]

Try out the New 2022 latest updated version of the GBWhatsApp (WhatsAppGB) APK 53MB file (Anti-Ban) by clicking the download button below. Our GBWhatsApp is Ads free and our version has unique custom dynamic themes, custom UI, custom fonts, location-based dating, and more.

[Ryan70]

Hello there 🙂 thanks for the wonderful guides!
I have a vps in hetzner with Centos 7.7 and I am facing a huge problem!
The datacenter of hetzner is infested with bots and my server is getting hammer by bots that are trying to hack my server.
Luckily i'm using ssh key and not password but still i see in the logs gazillions attempts to login as root. Anyway, my problem is that fail2ban doesn't work correctly and restarts constantly the iptables which in turn blocks all access to my mail server!
If i turn off the fail2ban, iptables works very good and I can use my mail server normally, when I turn the fail2ban on, iptables is constantly on 0 minutes up time and I can't connect to my email server.
All other services seems to work correct, only mail server seems to be affected but then again i see billions of attempts to connect to it without any of those accounts existing or whatsapp yo
My config for fail2ban:
[repeat-iptables]
enabled = true
filter = repeat-offender
action = vesta-repeat[name=REPEAT]
logpath = /var/log/fail2ban.log

If 3 bans in 24 hours, ban for a month
bantime = 2592000
findtime = 86400
maxretry = 1

[ssh-iptables]
enabled = true
filter = sshd
action = vesta[name=SSH]
logpath = /var/log/secure
maxretry = 1

[vsftpd-iptables]
enabled = true
filter = vsftpd
action = vesta[name=FTP]
logpath = /var/log/vsftpd.log
maxretry = 1

[exim-iptables]
enabled = true
filter = exim
action = vesta[name=MAIL]
logpath = /var/log/exim/main.log
maxretry = 1

[dovecot-iptables]
enabled = true
filter = dovecot
action = vesta[name=MAIL]
logpath = /var/log/dovecot.log
maxretry = 1

[mysqld-iptables]
enabled = false
filter = mysqld-auth
action = vesta[name=DB]
logpath = /var/log/mysqld.log
maxretry = 1

[vesta-iptables]
enabled = true
filter = vesta
action = vesta[name=VESTA]
logpath = /var/log/vesta/auth.log
maxretry = 1

[recidive]
enabled = true
logpath = /var/log/fail2ban.log
port = all
protocol = all
bantime = 2592000 ; 30 days
findtime = 864000 ; 1 day
maxretry = 1

#[roundcube-auth]
#enabled = true
#action = vesta[name=WEB]
#logpath = /var/log/roundcubemail/errors.log
#maxretry = 1

I had the same issue.
Installed vestacp on a new centos 7 machine, and missing:

action.d/vesta.conf
filter.d/vesta.conf
jail.local

Also, Memory Usage graph is not working in the admin.

I have also tried the same and it worked, thanks!