Monday, December 9, 2019

fail2ban - How To STOP fail2ban From BOGGING DOWN Your Web Server

CentOS 7 / fail2ban


How To STOP fail2ban From BOGGING DOWN Your Web Server

We noticed that our website was bogging down to the point where customers were complaining.

Upon testing the server, we discovered that response was waaay down, and initially thought that it might be due to networking issues on the part of our server provider.

Nope, they reported 100% normal operations, so we were back at trying to figure out what might be the source of the problem.

Now, when things like this happen - look for the last thing you installed.  It might be the culprit!  

In this case...it was a problem with the fail2ban server that I had recently installed and configured, which apparently "gets full" after a few tens or hundreds of thousands of rejections.

A restart of the server solved the problem:

# service fail2ban stop
Redirecting to /bin/systemctl stop fail2ban.service
.
. (long pause)
.
# service fail2ban start
Redirecting to /bin/systemctl start fail2ban.service
#

Setting up things to restarting the server on a daily basis is a quick fix for this problem.

I used a cron entry to do it.

Here it is:

#  GL 2019-12-09  fail2ban bogs down if it is not restarted
#                 Every day at 4am
00 04 * * * /bin/systemctl restart fail2ban.service

After that, no more bogging down web server - at least becausee of fail2ban!



REFERENCES:






No comments:

Post a Comment