How to config a long time ban in Fail2Ban for recurrent IP's
How to config a long time ban in Fail2Ban for recurrent IP's
You must to add to "/etc/fail2ban/jail.local" file (in Server > Fail2Ban > Configure) the next jail:
This applies a 10 days ban for those IP's that have been banned 3 times in 24 hours or less.
To view banned IP's list (Chain f2b-recidive):
The only way I found to view banned IPs in VestaCP backend is to assigning "recidive" jail to a preexisting ban category and preferably unused (like DB or DNS), adding a new action line:
Code: Select all
[recidive]
enabled = true
maxretry = 3
findtime = 86400
bantime = 864000To view banned IP's list (Chain f2b-recidive):
Code: Select all
sudo iptables -LCode: Select all
[recidive]
enabled = true
action = vesta[name=DB]
maxretry = 3
findtime = 86400
bantime = 864000
Last edited by Wibols on Thu Jul 04, 2019 8:47 am, edited 3 times in total.
Re: How to config a long time ban for recurrent IP's in Fail2Ban
Thanks you for sharhing
Re: How to config a long time ban in Fail2Ban for recurrent IP's
Added to initial post:
The only way I found to view banned IPs in VestaCP backend is to assigning "recidive" jail to a preexisting ban category and preferably unused (like DB or DNS), adding a new action line:
The only way I found to view banned IPs in VestaCP backend is to assigning "recidive" jail to a preexisting ban category and preferably unused (like DB or DNS), adding a new action line:
Code: Select all
[recidive]
enabled = true
action = vesta[name=DB]
maxretry = 3
findtime = 86400
bantime = 864000