Announcement Announcement Module
Collapse Forum Guidelines

Welcome to the Forums! The purpose of this forum is to allow you to discuss topics relating to hosting and topics of interest with other Customers. The primary focus should relate to issues not generally included in our Wiki or Control Panel, or information not provided by our Customer Support Team. Some examples include programming and coding support, web site design ideas and SEO practices.

The forum is not meant as a replacement to our Wiki or Customer Support. We highly recommend searching our Wiki before posting on the forum. Also, if you have a question for our Customer Support team, please contact them as you would normally.

We ask that if you have any complaints or questions relating specifically to your account, that you address them to our Customer Support department. Do not post personal account information such as passwords or other sensitive and private information the forum, as this type of information is best kept secret. Also, please be respectful of other users and refrain from defamatory comments or use of coarse language.

We will visit the forum from time to time, and contribute to various topics. We reserve the right to delete any posts which are deemed offensive or against the spirit of the forum. Any spamming or illegal activity will not be tolerated. We also reserve the right to block any user who violates these guidelines.

To get started, we welcome you to sign up at our User Management site. Any account created there will have access to these forums, our Wiki, our Ideas site and commenting permission on our Status Blog.
See more
See less
what is fail2ban? Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • what is fail2ban?

    hey there,the past 2 days i have been getting emails from someone called fail2ban with information about my vps...any idea what that is?or who that is?and is this a security breach?

  • #2
    fail2ban automatically monitors logs and blocks IP addresses doing brute force attacks, One indication of whether anyone is taking undue interest in a system is to keep an eye on failed login attempts.
    Fail2Ban scans log files like /var/log/pwdfail and bans IP
    that makes too many password failures. It updates firewall
    rules to reject the IP address. These rules can be defined by
    the user. Fail2Ban can read multiple log files such as sshd
    or Apache web server ones.
    README - Fail2ban


    • #3
      well then im getting attacked hard..ive got 5 emails in past 2


      • #4
        Identify IP addresses that regularly trigger Fail2Ban - so that you can send a report to their ISP or block them using a firewall

        You can always add a rule to iptables using the command line to block a particular IP address or block of addresses:

        iptables -A INPUT -p tcp -s <host> --dport <port> -j REJECT --reject-with tcp-reset
        Or you could set up a Fail2Ban rule to monitor it's own logfile and block repeat offenders for a longer time period.