Vesta Control Panel - Forum

Community Forum

Skip to content

Advanced search
  • Quick links
    • Main site
    • Github repo
    • Google Search
  • FAQ
  • Login
  • Register
  • Board index Main Section General Discussion
  • Search

Fail2Ban -- not banning?

General questions about VestaCP
Post Reply
  • Print view
Advanced search
5 posts • Page 1 of 1
Naldinho
Posts: 34
Joined: Sat Nov 05, 2016 12:54 am

Fail2Ban -- not banning?
  • Quote

Post by Naldinho » Sat Nov 12, 2016 3:57 am

I've been intentionally logging in with the wrong password to the panel.

/var/log/vesta/auth.log shows the failed attempts

but when I check fail2ban-client status vesta-iptables there are no failed and no banned ips
Top

daansk44
Posts: 56
Joined: Tue Sep 06, 2016 7:21 pm

Os: CentOS 6x
Web: apache + nginx
Re: Fail2Ban -- not banning?
  • Quote

Post by daansk44 » Mon Nov 21, 2016 2:05 pm

Maby you should look at your fail2ban config file.

You can see what fail2ban does. Most of the time, the ip got banned for 300 seconds (I think).
If you're really paranoid you can change your config file ;)

/etc/fail2ban/jail.conf I thought

/Daan
Top

Naldinho
Posts: 34
Joined: Sat Nov 05, 2016 12:54 am

Re: Fail2Ban -- not banning?
  • Quote

Post by Naldinho » Mon Nov 21, 2016 2:58 pm

I've been working with the config file. You should use jail.local rather than jail.config.

I've come to the conclusion that most of the pattern detections are wrong and by replacing them I've been able to get the mail stuff to detect some but not all of the attempted logins.

The problem with doing that for the panel is that the panel doesn't write dates into the log file. I need a way to change VestaCP's logging to include a time stamp.

I also find it strange that out of the box the regex for all the other logs appear to be wrong. I can't imagine that is only true for me.
Top

puls
Posts: 9
Joined: Sun Jul 31, 2016 1:24 pm

Re: Fail2Ban -- not banning?
  • Quote

Post by puls » Tue Nov 22, 2016 3:49 pm

On my Debian 8 - 0.9.8-16 system the logs are complete empty, but in webpanel I can see them, so that is strange.

@Naldinho: Can you please share with us your configs? I would look for logrotate in the vesta files or configs, there are some parameters where you can set the timestamp, it is also an bad issue that i came across, but i did not fixed it yet.

It is crucial that these things work correctly, otherwise I setup better by my own.
Top

Naldinho
Posts: 34
Joined: Sat Nov 05, 2016 12:54 am

Re: Fail2Ban -- not banning?
  • Quote

Post by Naldinho » Tue Nov 22, 2016 4:27 pm

CentOS 7.2 -- Digital Ocean

After that I didn't change anything -- just did a default install of VestaCP 0.9.8-16

I actually am likely to abandon the use of a panel at this point and just configure everything myself. I am not selling hosting and the panel was just for personal use but I am having way too many issues beyond just this one that I'm not experiencing the time savings I was hoping for. It is unfortunate because this is a good product and I feel it is 98% of the way there.
Top


Post Reply
  • Print view

5 posts • Page 1 of 1

Return to “General Discussion”



  • Board index
  • All times are UTC
  • Delete all board cookies
  • The team
Powered by phpBB® Forum Software © phpBB Limited
*Original Author: Brad Veryard
*Updated to 3.2 by MannixMD
 

 

Login  •  Register

I forgot my password