Fail2ban not picking up failed logins for fail2ban

Lots of failed attempts in proftp log. None are picked up in fail2ban.
2023-05-01 13:01:54,948 main.fruitloops.com proftpd[1859377] main.fruitloops.com (85.31.46.246[85.31.46.246]): USER killmorehackers (Login failed): Incorrect password 2023-05-01 13:01:56,580 main.fruitloops.com proftpd[1859381] main.fruitloops.com (85.31.46.246[85.31.46.246]): USER killmorehackers (Login failed): Incorrect password 2023-05-01 13:01:59,553 main.fruitloops.com proftpd[1859385] main.fruitloops.com (85.31.46.246[85.31.46.246]): USER killmorehackers (Login failed): Incorrect password 2023-05-01 13:02:01,840 main.fruitloops.com proftpd[1859390] main.fruitloops.com (85.31.46.246[85.31.46.246]): USER killmorehackers (Login failed): Incorrect password 2023-05-01 13:02:03,744 main.fruitloops.com proftpd[1859403] main.fruitloops.com (85.31.46.246[85.31.46.246]): USER killmorehackers (Login failed): Incorrect password 2023-05-01 13:02:06,236 main.fruitloops.com proftpd[1859406] main.fruitloops.com (85.31.46.246[85.31.46.246]): USER killmorehackers (Login failed): Incorrect password 2023-05-01 13:02:08,716 main.fruitloops.com proftpd[1859411] main.fruitloops.com (85.31.46.246[85.31.46.246]): USER killmorehackers (Login failed): Incorrect password 2023-05-01 13:02:11,228 main.fruitloops.com proftpd[1859417] main.fruitloops.com (85.31.46.246[85.31.46.246]): USER killmorehackers (Login failed): Incorrect password 2023-05-01 13:02:14,029 main.fruitloops.com proftpd[1859421] main.fruitloops.com (85.31.46.246[85.31.46.246]): USER killmorehackers (Login failed): Incorrect password 2023-05-01 13:02:15,897 main.fruitloops.com proftpd[1859427] main.fruitloops.com (85.31.46.246[85.31.46.246]): USER killmorehackers (Login failed): Incorrect password 2023-05-01 13:02:18,385 main.fruitloops.com proftpd[1859431] main.fruitloops.com (85.31.46.246[85.31.46.246]): USER killmorehackers (Login failed): Incorrect password 2023-05-01 13:02:21,178 main.fruitloops.com proftpd[1859436] main.fruitloops.com (85.31.46.246[85.31.46.246]): USER killmorehackers (Login failed): Incorrect password 2023-05-01 13:02:23,811 main.fruitloops.com proftpd[1859440] main.fruitloops.com (85.31.46.246[85.31.46.246]): USER killmorehackers (Login failed): Incorrect password 2023-05-01 13:02:26,388 main.fruitloops.com proftpd[1859450] main.fruitloops.com

I thought I saw a something on this and a patch the released, have you checked the forum.

I thought it was supposed to be fixed in 7.7-3 though. I remember it had something to do with logging.

I check the forum and the patch is in virtualmin-config from 7.0.11, mine is still at 7.0.8.1

image1386×140 28.4 KB

Ah. I was thinking the last VM update would have this so I waited. I haven’t patched and hunked and chunked in over 20 years. Right now I have proftpd shut off and may just leave it that way now. Looks like my former partner is gonna drag his feet forever and do ‘whatever/whenever’.

I just had a look, differently not patched. You could download the latest from here and replace.

I found the file on rocky9 here
/usr/share/perl5/vendor_perl/Virtualmin/Config/Plugin
else you need to wait.

Thanks. Personally, I can live without FTP. I turned it on for testing some stuff today. So, it is off again.

@Joe, we need to release a new Virtualmin-Config.

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.