happy new year!
have been running wp-fail2ban for many years, thx so much for this plugin.. 
got this annoyance in health checks (fully updated WP and WP-fail2ban).. health check for fail2ban fails constantly because of chrooted php. message :
[WP fail2ban] fail2ban is not running
all sites have
define('WP_FAIL2BAN_SITE_HEALTH_SKIP_FILTERS', true);
according to the docs (https://docs.wp-fail2ban.com/en/latest/configuration/site-health-tool.html#running-php-with-chroot) , but still, this health check shows up as ¨critical ¨+ ¨Security¨.
don´t want to allow users to run systemctl, so, how can i skip this check completely?
(running my own checks/monitors on fail2ban daemon)
thanks in advance,
Are you sure your chroot is working properly?
The test in question is lib/SiteHealth/TestFail2banRunning.php. The first thing it checks is that exec() works (lots of people disable that), and then that /usr/bin/systemctl exists.
If you’ve got a clean chroot there should be no /usr/bin/systemctl.
That said, I’d love to know what the value of $rv is on line 55 - any chance you could drop this in and let me know what it says?
$results->description .= '<pre>rv = '.$rv.'</pre>';
Edited to add: WP_FAIL2BAN_SITE_HEALTH_SKIP_FILTERS doesn’t control this test, only whether the filters are checked.
1 Like
hey again,
didn’t add this $rv line, but using systemctl command from sitehealth.php check, i did figure out the issue.. sudo -u user /usr/bin/systemctl status --quiet fail2ban :
Failed to connect to bus: No such file or directory
so, dbus was not installed on that server, while sites on another server (with dbus installed), didn’t have the same issue/annoyance on health-check.
installed dbus and waiting for a reboot (some other time), to verify if that was indeed the issue.
sorry for the noize
best,