Fail2Ban is not blocking users after unsuccessful attempts

Discussion in 'HOWTO-Related Questions' started by corpy, Aug 23, 2014.

  1. corpy

    corpy New Member

    Hello,

    I've been trying to configure Fail2ban on my development server and I envy those people who say "Fail2ban" is so easy to configure

    The thing is SSH login attempts are recorded on /var/log/auth.log but with my testing username I can type passwords endlessly that user will never blocked.

    This is my config for SSH

    Any help would much much appreciated

    Code:
    ignoreip = 127.0.0.1/8
    
    
    bantime  = 600
    
    findtime = 600
    maxretry = 3
    
    backend = auto
    
    usedns = warn
    protocol = tcp
    
    chain = INPUT
    action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
    
    
    action = %(action_)s
    
    [ssh]
    
    enabled  = true
    port     = ssh
    filter   = sshd
    logpath  = /var/log/auth.log
    maxretry = 3
    
    logpath = /var/log/sshd.log
    maxretry = 3
    
    
     
  2. srijan

    srijan New Member HowtoForge Supporter

    Which Distro you are using, if in case you are using Debian/ubuntu use this guide
     
  3. corpy

    corpy New Member

    Thanks!!! That guide is really good. Not sure what the solution was in case anyone else has this problem but it was either

    1. backend = polling
    2. I forgot to restart!!!! :(
     

Share This Page