You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If the Fail2ban support load whitelist/ignores IP list from a separate configuration file, this can help to periodically update the ignore IP list using a cron job.
This is important because major search engines Google and Bing released the official bots' IP address range. Furthermore, some CDN services (Amazon AWS) periodically update the IP address list. As per their site, these IPs can be changed periodically. These services released the IP address list in JSON format for easy importing.
We can easily set up a bash script to import these IPs from their sites to our local machine configuration file. But with Fail2ban, it does not support importing a whitelist IP address list from a separate file.
I believe if the Fail2Ban can import (cron job to run periodically) these JSON files' IP addresses or load ignored IP lists from a separate local file, it would be a good option to prevent a fall positive ban. (instead of adding every IP to Fail2Ban main configure file).
Chathu07
changed the title
[RFE]: Load whitelist IP address from remote json files.
[RFE]: Load ignore/whitelist IP address from local configuration files instead of main configuration file to automatically update.
Jul 16, 2022
Chathu07
changed the title
[RFE]: Load ignore/whitelist IP address from local configuration files instead of main configuration file to automatically update.
[RFE]: Load ignore/whitelist IP address list from local configuration files instead of main configuration file to automatically update.
Jul 16, 2022
Chathu07
changed the title
[RFE]: Load ignore/whitelist IP address list from local configuration files instead of main configuration file to automatically update.
[RFE]: Load ignore/whitelist IP address list from separate local configuration files instead of main configuration file to automatically update.
Jul 16, 2022
If the Fail2ban support load whitelist/ignores IP list from a separate configuration file, this can help to periodically update the ignore IP list using a cron job.
This is important because major search engines Google and Bing released the official bots' IP address range. Furthermore, some CDN services (Amazon AWS) periodically update the IP address list. As per their site, these IPs can be changed periodically. These services released the IP address list in JSON format for easy importing.
We can easily set up a bash script to import these IPs from their sites to our local machine configuration file. But with Fail2ban, it does not support importing a whitelist IP address list from a separate file.
I believe if the Fail2Ban can import (cron job to run periodically) these JSON files' IP addresses or load ignored IP lists from a separate local file, it would be a good option to prevent a fall positive ban. (instead of adding every IP to Fail2Ban main configure file).
Google bot IP: https://developers.google.com/search/apis/ipranges/googlebot.json
Bingbot IP list: https://www.bing.com/toolbox/bingbot.json
Amazon AWS IP list: https://ip-ranges.amazonaws.com/ip-ranges.json
The text was updated successfully, but these errors were encountered: