Tag: fail2ban

Fail2ban-client show banned IPs

Français Français

How to show banned IPs with Fail2ban client

It’s very simple to show the list of banned IPs with Fail2ban, first you have to select in witch jail you want to show the blocked IPs. To get the active jails type:

fail2ban-client status

Then you have to select a jail to show banned IPs with this jail

fail2ban-client status <JAIL-NAME>

Continue reading Fail2ban-client show banned IPs

Install and configure Fail2ban with Docker

Français Français

About this guide

This step-by-step guide exists to help you install and configure Fail2ban on your server to prevent hackers attack ( SSH and WordPress brute force attack ).

We discussed How fail2ban works on the previous post.

Introduction

Fail2ban is installed as part of the target environment(Ubuntu), the container remains independent. However, to interpret the filters Fail2ban must have access to the container log files.
The following example shows Fail2ban, Docker Host, and Container on an Ubuntu server with iptables. Fail2ban should monitor and protect the SSH accesses to the Ubuntu server and the HTTP accesses to the Docker container.

fail2ban docker iptables
fail2ban docker iptables

Continue reading Install and configure Fail2ban with Docker

How fail2ban works

Français Français

Introduction

fail2ban logo
Fail2ban logo

Fail2ban helps protect a server from brute force and Deny-Of-Services (DOS) attacks.

  • Fail2ban is developed in Python language
  • Fail2ban analyzes the logs of the server when it detects several unsuccessful connection attempts it will put in place actions that you will have defined such as blocking the IP address or send alert email
  • Fail2Ban is based on a system of jails that can be set, enabled or disabled in a simple configuration file (/etc/fail2ban/jail.conf)

Continue reading How fail2ban works