fail2ban jail not being enabled

Question

I want to secure my debian server with Fail2Ban v0.9.6. So I created the following entries in the newly created file /etc/fail2ban/jail.local

[nextcloud-trusted]
enable = true
port = http,https
logpath = /var/nextcloud/data/nextcloud.log
maxretry = 3

[sshd]
enable = true

The corresponding filter definition in /etc/fail2ban/filter.d/nextcloud-trusted.conf looks like this

[Definition]
failregex = ^.*\"remoteAddr\":\"<HOST>\".*Trusted domain error.*$

Now I would expect fail2ban to enable both jails at startup, but only the jail sshd is being enabled but not nextcloud-trusted and I can't figure out why. Even adding the paramter backend = auto to the nextcloud-trusted jail doesn't change anything (as it was suggested in some other answers).

Probably your `nextcould-trusted.conf` is missing [INCLUDES] section? Also, maybe this will be useful: https://www.the-art-of-web.com/system/fail2ban-filters/ — Denis Rasulev, Oct 17 '18 at 06:59

score 4 · Accepted Answer · answered Oct 20 '18 at 11:46

4

It turns out I wrote enable instead of enabled. That was the error.

answered Oct 20 '18 at 11:46

herhuf

497
3
17

fail2ban jail not being enabled

1 Answers1