You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Fill out and check ([x]) the boxes which apply. If your Fail2Ban version is outdated,
and you can't verify that the issue persists in the recent release, better seek support
from the distribution you obtained Fail2Ban from
Fail2Ban version (including any possible distribution suffixes): 0.10.2-2.1
OS, including release name/version: Debian 10 Buster
Fail2Ban installed via OS/distribution mechanisms
You have not applied any additional foreign patches to the codebase
Some customizations were done to the configuration (provide details below is so)
The issue:
I use fail2ban, for example with nginx-http-auth.conf to protect Nginx. Sometimes i got a notification via email, that host xy is banned succesfully, because it violates the regex. So far so good. The finding is ok and that host is ok to ban. But when i mak a test, the host isnt banned in reality.
Steps to reproduce
start fail2ban with nginx-http-auth jail
use some browser and access a protected site on the nginx server
enter several time wrong credentials
mail notification is send to the admin about succesfully ban the client ip
access the nginx site again
client isn't banned
Expected behavior
client is banned at least for the time configured
Any additional information
If i restart fail2ban with systemctl restart fail2ban, the client is banned, so test is completed succesfully and the client cant connect. The above issue seems to be there only sporadically and not all the time. I assume that some thing breaks after several days of running the service.
This a re my first steps with fail2ban, so please forgive me, that i didnt know, which logs you want. If you need something, please give me detailed steps, how i can find the right logfiles. Maybe, its not the fault of fail2ban itself, but i really dont have a idea whats going on.
The text was updated successfully, but these errors were encountered:
If you use firewalld, may be this a duplicate of #1609 (see also #2503 (comment))?
Note that web-clients as well as nginx use keep-alive connection, so be sure your banning action is able to reject already established connections (for example there are no allowing/white-listing rules set in your net-filter for that).
If you need something, please give me detailed steps, how i can find the right logfiles
provide your banaction (e. g. dump excerpt fail2ban-client -d | grep 'nginx.*action') and how your net-filter/firewall subsystem is configured (what do you use exactly, which firewalls are running).
repeat your authentication failures (login attempts) and see in fail2ban.log for some errors. if you have any, try to google for that, try the commands in your shell or provide it here.
check your banaction had created the rules in your firewall subsystem (list of the chains, rules in INPUT and fail2ban chains, etc).
Environment:
Fill out and check (
[x]
) the boxes which apply. If your Fail2Ban version is outdated,and you can't verify that the issue persists in the recent release, better seek support
from the distribution you obtained Fail2Ban from
The issue:
I use fail2ban, for example with nginx-http-auth.conf to protect Nginx. Sometimes i got a notification via email, that host xy is banned succesfully, because it violates the regex. So far so good. The finding is ok and that host is ok to ban. But when i mak a test, the host isnt banned in reality.
Steps to reproduce
Expected behavior
Any additional information
If i restart fail2ban with systemctl restart fail2ban, the client is banned, so test is completed succesfully and the client cant connect. The above issue seems to be there only sporadically and not all the time. I assume that some thing breaks after several days of running the service.
This a re my first steps with fail2ban, so please forgive me, that i didnt know, which logs you want. If you need something, please give me detailed steps, how i can find the right logfiles. Maybe, its not the fault of fail2ban itself, but i really dont have a idea whats going on.
The text was updated successfully, but these errors were encountered: