Is it possible to set the maxretry parameter of a fail2ban filter to 0 so that every IP will be banned instantly? The client does not complain about this setting but it does not seem to ban IPs eit...

When enabled sshd jail i see Starting fail2ban: ERROR NOK: ("Failed to initialize any backend for Jail 'sshd'",) ERROR NOK: ('sshd',) In logs : ERROR Backend 'systemd' failed to initialize due to N...

Until now I'm using Docker for a hand-made hosting solution on single-VPCs, with fail2ban installed on host and watching at Docker logs from Nginx containers (Each server can host multiple we...

I'm interested in setting up fail2ban with my Traefik deployment. I found a gist that has some snippets in it, but I'm not clear on how to use them. Can anyone fill in the blanks please? Or, is the...

The setup: Raspberry 3B running Raspbian Stretch 9 on an external HDD and using ZRAM Raspi used as a webserver running LAMP and MERN stacks and accessed remotely via SSH with 1 IDE (Coda fo...

My CentOS server has postfix as MTA and it’s working. When I type the command mail -s "testing" <my gmail address>, I receive the email. However, Fail2ban is unable to send emails to my gmai...

How do I ban an attacker IP with Fail2Ban manually by command line?

Is it possible to catch authentication failure on multiple line with fail2ban regex? Here is the example : Sep 08 11:54:59.207814 afpd[16190] {dsi_tcp.c:241} (I:DSI): AFP/TCP session from 10.0.71...

I am no genius with Regex but wondered if it is possible to write some kind of Regex pattern to detect these complex attack strings which I am sure many people have seen in their web server logs. ...

I use nginx in a docker container and I can easily share my log file on my nginx docker container with host. The log are on it and work on /var/log/nginx folder. I have install fail2ban on host to...

I want to run a docker container with central log and fail2ban service to prevent from dos/ddos attacks. I'm having a problem to run a container with such capabilities that it could also modify t...

Persistent overseas network attacks being performed on my system without my permission inclined me to install fail2ban since cphulkd does not ban ips. I am monitoring a few services for unwelcome p...

Is it possible to configure my fail2ban jail.conf to inspect the docker logs instead of mounting the log in the host. for example to set the logpath to the path of the log of the container. Jail....

I'm new to fail2ban and having a hard time figuring out performance considerations for different configurations I'm thinking about setting up. This is running on a raspberry pi board, so performanc...

I'm having trouble getting fail2ban to detect failed apache-auth attempts The filters looks like this: ^%(_apache_error_client)s (AH01617: )?user .* authentication failure for "\S*": Password Mis...