Vesta Control Panel - Forum

Community Forum
https://forum.vestacp.com/

How to config a long time ban in Fail2Ban for recurrent IP's

https://forum.vestacp.com/viewtopic.php?f=20&t=18855

Page 1 of 1

How to config a long time ban in Fail2Ban for recurrent IP's

Posted: Fri Jun 28, 2019 9:38 am
by Wibols
You must to add to "/etc/fail2ban/jail.local" file (in Server > Fail2Ban > Configure) the next jail:

Code: Select all

[recidive]
enabled = true
maxretry = 3
findtime = 86400
bantime = 864000
This applies a 10 days ban for those IP's that have been banned 3 times in 24 hours or less.

To view banned IP's list (Chain f2b-recidive):

Code: Select all

sudo iptables -L
The only way I found to view banned IPs in VestaCP backend is to assigning "recidive" jail to a preexisting ban category and preferably unused (like DB or DNS), adding a new action line:

Code: Select all

[recidive]
enabled = true
action = vesta[name=DB]
maxretry = 3
findtime = 86400
bantime = 864000

Re: How to config a long time ban for recurrent IP's in Fail2Ban

Posted: Wed Jul 03, 2019 7:33 pm
by skamasle
Thanks you for sharhing

Re: How to config a long time ban in Fail2Ban for recurrent IP's

Posted: Thu Jul 04, 2019 8:50 am
by Wibols
Added to initial post:

The only way I found to view banned IPs in VestaCP backend is to assigning "recidive" jail to a preexisting ban category and preferably unused (like DB or DNS), adding a new action line:

Code: Select all

[recidive]
enabled = true
action = vesta[name=DB]
maxretry = 3
findtime = 86400
bantime = 864000
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/