wiki.blueonyx.it

Server Management > Fail2ban > Fail2ban

Allows you to enable and configure Fail2ban. Fail2Ban is an intrusion prevention software framework that protects servers from brute-force attacks. Written in the Python programming language, it is able to run as a deamon and can block detected “bad” activity via IPtables or third party firewall tools such as APF/Firewalld.

—-

• Enable Fail2ban: If this checkbox is ticked, the service fail2ban is enabled.
• Ban Method: Defines which blocking mechanism Fail2ban will use to deny access to this server. Availability of blocking mechanisms depends on the BlueOnyx version and installed Shop packages such as APF or Firewalld.
• Ignore IP's: Enter IP-Address ranges which Fail2ban should never block. Please note: You must enter IP-Address ranges, which means: IP Address with Netmask.
• Bantime: This specifies how long (in seconds) and offending IP-Address will be blocked. Default: 600 Seconds.
• Findtime: This specifies the window within repeat offending behavior of IP-Addresses might trigger a ban. Default: 600 Seconds.
• Maximum Retries: This specifies how often an IP-Address must do something offensive within the Findtime before it is temporarily banned.
• Services monitored by default: Shows a list of usually enabled services, which are monitored by default by Fail2ban.

List of additional services which are usually not present on a BlueOnyx, but if you manually installed them, you can have Fail2ban monitor them as well.

This tab is only visible if your configured 'Ban Method' is set to “firewallcmd-rich-rules” - meaning: Your server uses Firewalld. In that case this tab is visible and shows a list of all currently banned IP addresses.