Highest Voted 'fail2ban' Questions - Server Fault Stack Exchange

0

votes

1 answer

SSH Brute Force Login Attempts - enable automated email to abuse-mailbox

Running some servers I noticed increased SSH Brute Force Login Attempts over the years. fail2ban is a great tool which massively slows them down and can email the abuse-mailbox/OrgAbuseEmail of the network admin's IP range by querying the RIPE…

asked Mar 05 '20 at 22:29

Rainer Rillke

113
5

0

votes

1 answer

fail2ban fails to send banned IPs to Cloudflare

I am running a WordPress site on a CentOS 7 server. I have fail2ban installed and working, and have verified that it is adding IPs to iptables. I just added Cloudflare to the site, and now I'm trying to get fail2ban working with the Cloudflare v4…

centos7 fail2ban cloudflare

asked Feb 29 '20 at 02:11

FredNet

11
2

0

votes

1 answer

fail2ban on Raspbian does not create iptables jails

I installed fail2ban 0.10.2-2.1 on Raspbian Buster to protect ssh (and if that works, apache). The default installation only enables de sshd jail, but in my case that does not seem to work. The fail2ban-client reports that the jail is running: $…

ssh iptables fail2ban raspbian

asked Feb 25 '20 at 21:43

Rolf

141
5

0

votes

1 answer

Difficulties with Fail2Ban on PhpMyAdmin on CentOS

I am Brazilian and I still try to adapt with the English language. I'm having a hard time getting Fail2Ban to work on phpmyadmin. I'm using CentOS 8.1.1911 and fail2ban 0.10.5-2. My PhpMyAdmin is version 4.9.0.1. I noticed that PhpMyAdmin logs login…

centos fail2ban phpmyadmin centos8

asked Feb 15 '20 at 01:51

Henrique Fagundes

11
3

0

votes

0 answers

Fail2Ban -> UFW -> IPTables (how to log blocks)

Running: Ubuntu 18.04.4 LTS Fail2Ban v0.10.2 ufw 0.36 iptables v1.6.1 I've successfully setup fail2ban to use ufw to block ip's based on ssh authentication failures. As we know, ufw is just a front-end for iptables. I've tested from another IP…

linux iptables fail2ban ufw

asked Feb 12 '20 at 13:15

user3249281

185
1
10

0

votes

3 answers

How to find cause of server hanging while having only 3 seconds of access

Remote debian buster server, so can't go to console. Yesterday it worked properly, today it has stopped responding. I can reboot it remotely, so after reboot I can reconnect, but I can only run short command like top and I lose the connection. On…

fail2ban debian-buster hangs

asked Feb 10 '20 at 09:41

SledgehammerPL

711
9
16

0

votes

1 answer

Fail2Ban not working with Feb 9 11:57:51 NOQUEUE: reject: RCPT from unknown[185.143.223.170]

I have these files in my mail.log file: Feb 9 11:57:50 ctrl-01 postfix/smtpd[21155]: NOQUEUE: reject: RCPT from unknown[185.143.223.170]: 454 4.7.1 : Relay access denied; from=…

postfix fail2ban

asked Feb 09 '20 at 12:06

Roman Gaufman

123
5

0

votes

2 answers

Setting Up Fail2Ban

I am new to fail2ban. I want to setup Fail2Ban such that it bans an IP for one hour on two failed login attempts. I have the following setup: /etc/fail2ban/jail.local.conf [DEFAULT] bantime = 3600 maxretry = 2 backend = systemd usedns = warn mode =…

iptables fail2ban

asked Feb 08 '20 at 17:09

Abrar Hossain

123
9

-1

votes

1 answer

Fail2ban without proactive mode

Is there any way to configure Fail2ban to just log suspicious activities without change my firewall rules?

linux security firewall fail2ban

asked Dec 21 '18 at 16:53

wmarquardt

109
2

-1

votes

3 answers

nginx - Is this a bad bot?

I have these entries in /var/log/nginx/access.log: 107.155.152.109 - - [22/Mar/2018:19:20:54 +0000] "GET / HTTP/1.0" 301 193 "-" "-" 162.216.152.56 - - [22/Mar/2018:19:21:40 +0000] "GET / HTTP/1.0" 301 193 "-" "-" 60.191.48.204 - -…

nginx fail2ban

asked Mar 22 '18 at 19:30

minisaurus

113
1
7

-1

votes

1 answer

Attempting to send mail with sendmail on ubuntu 17.04?

I first installed sendmail on ubuntu 17.04 by running sudo apt-get install sendmail and then I made sure that the hostname of my machine was added to /etc/hosts/ right after localhost like this: 127.0.0.1 localhost myhostname I then ran sudo…

ubuntu email sendmail fail2ban

asked Aug 14 '17 at 21:07

Ole

223
1
4

-1

votes

1 answer

Fail2Ban on Centos is blocking connections from Cygwin and WinSCP

I got over 3k failed login attempts yesterday morning which was the most ive ever seen. I did some research and Fail2Ban seems to be a good step to stopping this. I have installed it and it seems to be going ok, but i have noticed that it is…

ssh security centos6 fail2ban

asked Jan 11 '17 at 10:23

Dan Hastings

696
1
12
24

-1

votes

1 answer

After setting up fail2ban w/Permanently Ban Repeat Offenders to fail2ban - I'm not be getting any emails of bans w/detailed info anymore

After installing fail2ban 0.9.3 on my uBuntu server 16.04 and then following the steps located from this link - Perma Ban Repeat Offenders I did service fail2ban reload and got the emails showing the services stopped and started. but, I seem to…

email fail2ban ubuntu-16.04

asked Aug 05 '16 at 16:59

Ronnie

21
4

-1

votes

1 answer

Which Nginx log file is for fail2ban?

I have files in /var/log/nginx/ the log file /var/log/nginx/access.log is empty. But the /var/log/nginx/access.log.1 is being appended as always. In file /etc/fail2ban/fail2ban.conf, logtarget = /var/log/fail2ban.log In the file…

nginx logging python syslog fail2ban

asked Apr 13 '16 at 06:08

dotslash

219
3
15

-1

votes

2 answers

How can I reject spam before reaching SMTP on Postfix

My server has started receiving thousands of attempts to use my mail server to send spam from dynamic.hinet.net. The attempts are always rejected, but it's non-stop. I'd like to block these attempts before they even reach the mail server is…

postfix smtp spam fail2ban postscreen

asked Jan 13 '16 at 10:19

nutman

109
2

Questions tagged [fail2ban]