Changes

1,441 bytes added, 18:15, 22 August 2018
documenting weirdness
# Values: TEXT
#
failregex = ^<HOST> -.*"POST.*
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
ignoreregex = 99\.999\.9\.99
</source>
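To see what this filter matches before enabling the jail, the following added example (not part of the original wiki page or of fail2ban itself) emulates the matching in Python over constructed log lines. It assumes the character before <code>POST</code> is a double quote, uses a simplified IPv4-only stand-in for <code>&lt;HOST&gt;</code>, ignores <code>findtime</code>, and <code>STRICT</code> is a hypothetical tighter pattern.

```python
import re

# Simplified stand-in for fail2ban's <HOST> tag (assumption: IPv4 only).
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"

FAILREGEX = r'^<HOST> -.*"POST.*'   # filter above; '"' before POST is assumed
IGNOREREGEX = r"99\.999\.9\.99"      # placeholder value from the filter above
# Hypothetical tighter pattern: only the request field may start with POST.
STRICT = r'^<HOST> \S+ \S+ \[[^\]]+\] "POST '

# Constructed Apache combined-log lines (documentation-range addresses).
SAMPLE_LOG = """\
203.0.113.7 - - [22/Aug/2018:18:01:02 +0000] "POST /wp-login.php HTTP/1.1" 404 512 "-" "curl/7.58"
203.0.113.7 - - [22/Aug/2018:18:01:03 +0000] "POST /xmlrpc.php HTTP/1.1" 404 512 "-" "curl/7.58"
198.51.100.4 - - [22/Aug/2018:18:02:10 +0000] "GET /index.php HTTP/1.1" 200 9001 "-" "Mozilla/5.0"
198.51.100.4 - alice [22/Aug/2018:18:02:30 +0000] "POST /index.php?action=submit HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.9 - - [22/Aug/2018:18:03:00 +0000] "GET / HTTP/1.1" 200 120 "-" "POSTman-like"
"""


def scan(log, failregex=FAILREGEX, ignoreregex=IGNOREREGEX, maxretry=2):
    """Return ({host: hit_count}, sorted hosts whose count reaches maxretry)."""
    fail = re.compile(failregex.replace("<HOST>", HOST))
    ignore = re.compile(ignoreregex) if ignoreregex else None
    hits = {}
    for line in log.splitlines():
        # As the filter notes say: if ignoreregex matches, the line is ignored.
        if ignore and ignore.search(line):
            continue
        m = fail.search(line)
        if m:
            hits[m.group("host")] = hits.get(m.group("host"), 0) + 1
    banned = sorted(h for h, n in hits.items() if n >= maxretry)
    return hits, banned


if __name__ == "__main__":
    # The page's pattern also counts the GET whose user agent starts with POST.
    for name, rx in (("page", FAILREGEX), ("strict", STRICT)):
        print(name, scan(SAMPLE_LOG, rx))
    # Anchored ignoreregex: exempts one client address field only.
    print("ignore", scan(SAMPLE_LOG, ignoreregex=r"^198\.51\.100\.4 "))
```

On a real host, <code>fail2ban-regex</code> run against the access log and the filter file performs the same check with fail2ban's own engine.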
 
== More ==
tl;dr:
# add a bunch of '<code>enabled = true</code>' after the filters you want
# add port 8080 to any Apache rules, since Meza is listening on 8080: <code>:%s/https/https,8080/</code>
# restart the service: <code>service fail2ban restart</code>
 
See https://www.digitalocean.com/community/tutorials/how-to-protect-an-apache-server-with-fail2ban-on-ubuntu-14-04
 
== Test ==
<source lang="bash">
sudo fail2ban-client status
sudo fail2ban-client status apache-post
</source>
 
== Status ==
If you have many jails, and want to see the status of each of them, there is no built-in <code>--all</code> option for '''<code>fail2ban-client status</code>''' but you can just use a simple short script:
<source lang="bash">
fail2ban-client status | sed -n 's/,//g;s/.*Jail list://p' | xargs -n1 fail2ban-client status
</source>
 
== Restarts ==
If you change a jail, or otherwise want to restart fail2ban, you can try the systemd service manager: <code>systemctl reload fail2ban</code>. But, strangely, that reports an error on freephile (because it's already running) and a <code>systemctl status fail2ban</code> says that it's FAILED. Even <code>systemctl list-units</code> says it's failed. However, <code>ps axjf</code> shows it running and <code>/usr/bin/fail2ban-client ping</code> gets a 'pong' from the server. It looks like there are two installations (/usr/bin and /bin), but they both report the same thing (and the files are identical).
[[Category:Security]]
[[Category:Firewall]]
[[Category:SSH]]
[[Category:QualityBox]]