Hello, I've been trying to configure Fail2ban on my development server and I envy those people who say "Fail2ban" is so easy to configure The thing is SSH login attempts are recorded on /var/log/auth.log but with my testing username I can type passwords endlessly that user will never blocked. This is my config for SSH Any help would much much appreciated Code: ignoreip = 127.0.0.1/8 bantime = 600 findtime = 600 maxretry = 3 backend = auto usedns = warn protocol = tcp chain = INPUT action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action = %(action_)s [ssh] enabled = true port = ssh filter = sshd logpath = /var/log/auth.log maxretry = 3 logpath = /var/log/sshd.log maxretry = 3
Thanks!!! That guide is really good. Not sure what the solution was in case anyone else has this problem but it was either 1. backend = polling 2. I forgot to restart!!!!