Comments (2)
Hi there :)
I would recommend setting "banaction" directly instead of "action".
Also I'm not sure if you should use the same filter action name for two different jails.
Keeping them seperate is usually better imo.
Also remember: if you are using some kind of proxy (like cloudflare) and traffic is coming in on SSL, the real IP can't be seen (in the encrypted "x-forwarded-for"-header), meaning the request won't be blocked and still show up in the logs.
Hope this helps a little, cheers :)
from docker-fail2ban.
Hi there :)
I would recommend setting "banaction" directly instead of "action".
Also I'm not sure if you should use the same filter action name for two different jails.
Keeping them seperate is usually better imo.Also remember: if you are using some kind of proxy (like cloudflare) and traffic is coming in on SSL, the real IP can't be seen (in the encrypted "x-forwarded-for"-header), meaning the request won't be blocked and still show up in the logs.
Hope this helps a little, cheers :)
Heya,
Thank you for replying! You've certainly triggered a thought process re Cloudflare.
So I was passing the real IP of the client, but that obviously wasn't the IP address that was hitting the server (due to CF).
My solution was to use Fail2Ban with the Cloudflare action and get f2b to block at Cloudflare instead of at the server, also more secure that way in many respects.
Solution:
[bitwarden]
enabled = true
port = 80,443,8089,3012
filter = bitwarden
logpath = /bitwarden.log
action = iptables-multiport
cloudflare
findtime = 3600
bantime = 3600
maxretry = 3
[bitwarden-admin]
enabled = true
port = 80,443,8081
filter = bitwarden-admin
action = iptables-multiport
cloudflare
logpath = /bitwarden.log
maxretry = 3
bantime = 3600
findtime = 3600
Setting up the cloudflare action: https://community.cloudflare.com/t/can-i-still-use-fail2ban-while-using-cloudflare-article/63674
Thanks again!
from docker-fail2ban.
Related Issues (20)
- Sendmail "wrong parameters" issue , always the first time execution of "sendmail" command,second try always okay. HOT 1
- Consider adding mail standalone feature HOT 1
- pip binary is missing, trying to `apk add py3-pip` breaks HOT 1
- [Feature Request] Add AbuseIPDB API integration
- [Feature Request] Add AbuseIPDB API integration HOT 1
- Can't send SMTP emails HOT 1
- F2B_DB_PURGE_AGE in examples is bogus HOT 2
- Help I banned my WAN IP and Unbanning command did not work HOT 1
- Is it possible to support Webhook? HOT 1
- Warning message is always triggered: already exists and will be overriden HOT 1
- Input chain not working sshd
- How to configure SSMTP if smtp server no authentication is required
- Disable: WARNING Unable to find a corresponding IP address for fail2ban: [Errno -2] Name does not resolve HOT 4
- Functionality for PUID/PGID
- System slowdown after more than 1 day of operation
- How to custom dockerfile to run container?
- Fail2ban docker not banning even if it says "already banned" HOT 3
- Subdomain access not blocked
- docker-fail2ban:1.1.0 compatibility issue with Synology HOT 9
- add linux/arm/v8 image HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-fail2ban.