¨fail2ban not running¨ and site_health_skip_filters

WP fail2ban Support
,
1

happy new year!

have been running wp-fail2ban for many years, thx so much for this plugin.. :slight_smile:

got this annoyance in health checks (fully updated WP and WP-fail2ban).. health check for fail2ban fails constantly because of chrooted php. message :

[WP fail2ban] fail2ban is not running

all sites have

define('WP_FAIL2BAN_SITE_HEALTH_SKIP_FILTERS', true);

according to the docs (https://docs.wp-fail2ban.com/en/latest/configuration/site-health-tool.html#running-php-with-chroot) , but still, this health check shows up as ¨critical ¨+ ¨Security¨.

don´t want to allow users to run systemctl, so, how can i skip this check completely?

(running my own checks/monitors on fail2ban daemon)

thanks in advance,

2

Are you sure your chroot is working properly?

The test in question is lib/SiteHealth/TestFail2banRunning.php. The first thing it checks is that exec() works (lots of people disable that), and then that /usr/bin/systemctl exists.

If you’ve got a clean chroot there should be no /usr/bin/systemctl.

That said, I’d love to know what the value of $rv is on line 55 - any chance you could drop this in and let me know what it says?

$results->description .= '<pre>rv = '.$rv.'</pre>';

Edited to add: WP_FAIL2BAN_SITE_HEALTH_SKIP_FILTERS doesn’t control this test, only whether the filters are checked.