Dear Colleagues,
Greetings!
I apologize for the possible typos. I'm Brazilian and I have difficulties with English
I have a problem with Drupal (and I cannot update it). I can't get fail2ban to stop login attempts with error.
What I find strange is that before migrating from server, it used version 0.9.6-2 of fail2ban in Debian 9.12 and it worked correctly.
I migrated the server to a CentOS 8.1 running fail2ban in version 0.10.5-2. And after that, the lock does not work.
I will share the configuration files with you:
/etc/fail2ban/jail.conf:
https://temporario.aprendendolinux.com/ ... l.conf.txt
/etc/fail2ban/filter.d/drupal-auth.conf:
https://temporario.aprendendolinux.com/ ... h.conf.txt
/var/log/messages:
https://temporario.aprendendolinux.com/messages.txt
I understand that the correct thing would be for fail2ban to block IP 177.124.244.10 after the third login attempt, but it is not happening.
I recorded this video to demonstrate the problem more clearly:
https://youtu.be/5AkuUpVYbms
can anybody help me?
Failures with fail2ban in CentOS 8
-
- Posts: 1522
- Joined: 2014/05/21 20:16:00
- Location: Central New York, USA
Re: Failures with fail2ban in CentOS 8
Don't know if it is the problem but your default bantime is a negative number. I've not seen that before. In addition, in the defaults you banned ALL ports if any are violated, but then in the separate jails, they are overridden with only particular ports blocked.
I don't know if this is what is causing your grief but I hope it helps you. I cannot vouch that mine works because my CentOS 8 machine is not the one exposed to the 'outside', so it never receives attempts.
I don't know if this is what is causing your grief but I hope it helps you. I cannot vouch that mine works because my CentOS 8 machine is not the one exposed to the 'outside', so it never receives attempts.
Re: Failures with fail2ban in CentOS 8
test your regex with fail2ban-regex
most of time the error is in how you wrote your regex
na maioria das vezes o erro está em como você escreveu sua expressão regular
most of time the error is in how you wrote your regex
na maioria das vezes o erro está em como você escreveu sua expressão regular
-
- Posts: 2
- Joined: 2020/02/17 18:10:37
Re: Failures with fail2ban in CentOS 8
Dear,
Thanks to everyone who tried to help!
I managed to resolve the issue.
I made a small mistake. I use iptables and fail2ban was configured to use firewalld.
This topic can be closed.
Thanks to everyone who tried to help!
I managed to resolve the issue.
I made a small mistake. I use iptables and fail2ban was configured to use firewalld.
This topic can be closed.