Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IPs that make too many password failures. It updates firewall rules to reject the IP address.
Questions tagged [fail2ban]
705 questions
-1
votes
2 answers
How can I reject spam before reaching SMTP on Postfix
My server has started receiving thousands of attempts to use my mail server to send spam from dynamic.hinet.net. The attempts are always rejected, but it's non-stop. I'd like to block these attempts before they even reach the mail server is…

nutman
-1
votes
1 answer
Can I use the following Fail2ban jail with my wordpress on nginx server?
[nginx-noscript]
enabled = true
port = http,https
filter = nginx-noscript
logpath = /var/log/nginx/access.log
maxretry = 6
It is advised to not enable [nginx-noscript] jail, if server is running scripts. What are the types of scripts in…

dhiraj
-1
votes
1 answer
IPTABLES not working, fail2ban still notifying me of intrusions from those IPs
I added 200 hundred iptable rules like these:
iptables -A INPUT -s 108.62.150.0/24 -j DROP
iptables -A INPUT -s 109.108.64.0/19 -j DROP
iptables -A INPUT -s 109.110.32.0/19 -j DROP
to block Russian and Eastern Europe IPs from my server.
However, my…

Frank Barcenas
-1
votes
1 answer
fail2ban Perform a regular expression for failregex
I needed some help to create a regular expression for failregex to find and ban the source ip (ex. SRC=192.168.0.1 and ban the IP 192.168.0.1) from this log:
[ATT] Suspect: IN=eth0 OUT=
MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx…

Kiwi
-1
votes
1 answer
What is the meaning of "logpath = %(nginx_error_log)s" in fail2ban jail log path?
I am running fail2ban on Ubuntu 20.04 server, and am looking over some of the default jails. In [nginx-http-auth] the default log path shows as logpath = %(nginx_error_log)s. What exactly does %(nginx_error_log)s mean in fail2ban, and how does it…

DanRan
-1
votes
1 answer
Fail2Ban is not updating iptables rules
I have set up fail2ban to protect my ssh port using these rather old instructions: https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-14-04
I tested my set-up by botching a bunch of log-ins from another…

grasswistle
-1
votes
1 answer
Postfix - Can Send / Receive Locally - Send External - Not receive from external
I just finished configuring my own mail server using this guide:
LinuxBabe Guide
At the start all was working but now I can not receive mail from external.
Here is my configuration file:
https://hatebin.com/npslpqyqpr

京子シオリ
-2
votes
1 answer
Fail2ban won't ban IPs
I installed the Fail2ban on my Ubuntu 18 server with etc/fail2ban/jail.local file
[sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/fail2ssh.log
maxretry = 2
After restarting the fail2ban service I can always see attempts to login…
-2
votes
1 answer
unable to jail ssh fail2ban 0.9.6
I am on Centos 6.9 with fail2ban 0.9.6. I have the below SSH jail but after restarting fail2ban it is not enabled when running fail2ban-client status.
The conf I used is /etc/fail2ban/jail.local. I have multiple jails in there.
[ssh]
enabled =…

Olive.b
-2
votes
1 answer
Default rules in fail2ban for apache
What does default apache (apache-auth, apache-overflows, apache-noscript) fail2ban jails do?
I looked into docs, but there is nothing about it. Thanks for your help!

david8
-2
votes
1 answer
Apache server crashes due to bandwidth spike issue
The problem I am facing is that my website (hosted on a dedicated VPS) was working fine for the last 6 months. However, for the last two days, it gets huge spikes of data coming in and this causes the server to crash. The hosting company shuts down my server. I…

Arjun
-2
votes
1 answer
What configuration is necessary for fail2ban to be useful?
If I simply install fail2ban on my server with sudo apt-get install fail2ban without configuring anything, does this provide adequate protection?
It seems that fail2ban comes with 1-2 pages of jails set up already which seem like they'd catch…

Superbest
-2
votes
1 answer
FAIL2BAN filters- who can give me filter to block this intrusion?
I see endless intrusion in my mediatemple server maillog. I need to block these IPs.
Who can help with a filter file to match these?
Jan 21 07:51:44 mydomain postfix/smtpd[23505]: SSL_accept error from unknown[185.7.214.188]: -1
Jan 21 07:51:44…

alex K
-3
votes
2 answers
Fail2Ban to block IPs that request the same URL repeatedly
Is it possible to use Fail2Ban to block IPs that request the same URL more than 5 times in 10 seconds?
I'm not talking about a specific URL, but any random URL of the site that is being requested repeatedly.
For example:
I don't want to block in a…

viniciussss
-3
votes
1 answer
I need a script to print output from fail2ban
I installed Fail2ban and it's working fine.
I'm NOT a Linux guru, sorry. I can just about find my way around.
I need a script that will print all banned IP addresses and most important the DATE AND TIME that the ban came into effect. I'm only…

Mikheil