I ask for no todo something wrong. I installed with the auto-installer and do not know is does something with the failtoban.conf. Having a look in it I can not see entrie like discribed here https://www.howtoforge.de/uncategorized/ispconfig-3-anmeldung-mit-fail2ban-absichern/ I looked in all modified file in /etc/failtoban and subdirs with modification date = install date, found nothing there. So I assume I have to configure it myself. Is the description ind the link above OK? Regards Rainer
Fail2ban is already configured, but you can change or extend its configuration of course in any way you like. ISPConfig protects its login against brute force attacks internally on its own, fail2ban is not needed for that.
I am running a nextcloud on that machine plus customers mailboxes and websites. The old system was bases on esxi where ispconfig ran on an internal net behind a separate VM with a dedicated firewall in front of the other server. After the actuel attacks to esxi with ramsonware that crashed my servers to, I installed it on bare metal, as I am not shure beeing attacked again. so I want to sercure the sysem as much as possible. Regards Rainer
Just make sure to follow the installation guide. ISPConfig has a configuration site for open Ports. Only open what you really need there. Nextcloud has a bruteforce detection module buil-it, make sure to keep it up to date tho. As till mentioned fail2ban is configured OOB in ISPConfig and should be fine. So the best advice is to only open ports you need and keep the system and software up to date and you should be fine. Monitoring log files once i a while doesn't hurt either