fail2ban not blocking access, but SSH #2251
Unanswered
FlyingPersian
asked this question in
Q&A
Replies: 1 comment
-
Maybe this has something to do with iptables and docker? See here: https://help.nextcloud.com/t/fail2ban-not-working-create-ban-but-still-can-log-in-faill-attempt/131433/4 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello,
I'm running vaultwarden in a docker environment on my Raspberry Pi (RPI OS). Everything is running behind an nginx reverse proxy that's running on a different machine so that I can access vaultwarden from the outside via https://bw.domain.com or internally via 192.168.178.36:8081. I named everything bitwaden instead of vaultwarden, but I'm still using the vaultwarden docker image:
/etc/fail2ban/filter.d/bitwarden.local:
/etc/fail2ban//jail.d/bitwarden.local:
docker-compose.yml:
When I access Vaultwarden via 192.168.178.36:8081 and enter wrong creds 3x, I loose SSH connection to my server from that device. Other devices work. I can still access the GUI and even login with correct creds from the same IP.
Logs:
fail2ban status:
I'm unable to SSH into the server from 192.168.178.30.
When I access Vaultwarden via https://bw.domain.com, same thing happens. According to fail2ban, the IP is blocked, but I can still login to Vaultwarden GUI with correct creds.
Logs:
Fail2ban status:
Am I missing something? In theory, everything works. Incorrect logins are logged, read by fail2ban and it even bans the correct IPs. The logs all show correct IP addresses.
Beta Was this translation helpful? Give feedback.
All reactions