We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
fail2ban edit
fail2ban edit
Hello,
I try scraping my website for see how work vestacp default firewall,
I make 10 000 request per 1sec and just 50% is blocked so 5000 request per sec work fine,
5000 sec per sec is a lot how i can edit this to some less number e.g. 5 request per sec ?
If i add 5 request per sec this will block some my regular users on page if make more then 5 request per sec?
Thank you.
I try scraping my website for see how work vestacp default firewall,
I make 10 000 request per 1sec and just 50% is blocked so 5000 request per sec work fine,
5000 sec per sec is a lot how i can edit this to some less number e.g. 5 request per sec ?
If i add 5 request per sec this will block some my regular users on page if make more then 5 request per sec?
Thank you.
Re: fail2ban edit
Can you please tell me which all commands i need add in ubuntu terminal for stop fail2ban and turn on csf,XoXiLhJ0mn wrote:Hi,
I use free firewall from ConfigServer, called csf.
Thats the best you will ever find.
On my server, fail2ban is turned off.
The csf handles and does all the work in an excellent manner, precisely what you are trying to achieve with 5000 requests. Further, it will offer you many more functions and a vast area of protection on many important security areas.
I advice you to turn off fail2ban and use csf. Of course, it will ban the users that fails to login,. But it will do much more.
also i need edit csf or default settings is enough?
Thank you.
Re: fail2ban edit
Are you trying to block IPs that are trying to snoop around your server files (maybe to execute something) or some type of flooding? What is the fail2ban filter you're using for this purpose?vestacp89 wrote:Hello,
I try scraping my website for see how work vestacp default firewall,
I make 10 000 request per 1sec and just 50% is blocked so 5000 request per sec work fine,
5000 sec per sec is a lot how i can edit this to some less number e.g. 5 request per sec ?
If i add 5 request per sec this will block some my regular users on page if make more then 5 request per sec?
Thank you.
not exactly sure why fail2ban would block the regular users.
Re: fail2ban edit
^ Csf sounds wonderful from what you said... do you recommend installing this? i currently have iptables + fail2ban.XoXiLhJ0mn wrote:Csf is specifically designed for advanced features to even coordinate many additional services and bring them under protection under one roof. The same csf script will count failure in login attempts by an IP and block it.
If the same IP does some more non-sense with any other service, it would be able to block it too. It could also block the same IP attempt of malicious with x minutes or hours.
Which means a malicious attempt on SMTP could be counted against an another malicious attempt of IMAPS or even http, which could eventually be blocked for the entire C octet of that IP. It could also provide flood protection and DoS, etc.
Thats what you wanna achieve, right? Default IP tables is a wonderful piece of garbage for this requirement here, which should/could be turned off upon csf being on.
also if you could point me to some guide how to install that and un-install my current iptables + fail2ban... that would be helpful. I am running CentOS 6.7 x64.