This is a staging site. Uploads will not persist. Testing only.

fail2ban

ban hosts that cause multiple authentication errors

Description

Fail2ban monitors log files (e.g. /var/log/auth.log, /var/log/apache/access.log) and temporarily or persistently bans failure-prone addresses by updating existing firewall rules. Fail2ban allows easy specification of different actions to be taken such as to ban an IP using iptables or hostsdeny rules, or simply to send a notification email.

By default, it comes with filter expressions for various services (sshd, Apache, proftpd, sasl, etc.) but configuration can be easily extended for monitoring any other text file. All filters and actions are given in the config files, thus fail2ban can be adopted to be used with a variety of files and firewalls. Following recommends are listed:

 - iptables/nftables -- default installation uses iptables for banning.
   nftables is also supported. You most probably need it
 - whois -- used by a number of *mail-whois* actions to send notification
   emails with whois information about attacker hosts. Unless you will use
   those you don't need whois
 - python3-pyinotify -- unless you monitor services logs via systemd, you
   need pyinotify for efficient monitoring for log files changes

Upload more screenshots

Please help extend the collection of screenshots. Just make a screenshot and upload it here. You don't need to register or anything.

Upload a screenshot

Hint: upload an image here from your clipboard with Ctrl-V


Homepage

https://www.fail2ban.org


Install this software package

If the package is available for the distribution you are currently using on your computer then install the software by clicking on…

Install fail2ban