How can we help?



In version 5.00 Fail2ban has been added as the default-enabled security guard for better intrusion prevention on your device.

It has multiple filters enabled and mainly checks for suspicious activity at the following services and protocols:
Apache2 (HTTP/HTTPS)

1) Logging
Available at /var/log/fail2ban.log

2023-04-19 13:04:26,272 fail2ban.filter [745]: INFO [sshd] Found - 2023-04-19 13:04:26
2023-04-19 16:00:11,249 fail2ban.filter [745]: INFO [apache-antibot] Found - 2023-04-19 16:00:10
2023-04-19 16:00:11,624 fail2ban.actions [745]: NOTICE [apache-antibot] Ban

It tracks every IP address actions and shows which filter caught the activity.

2) Unbanning:

First you need to determine which filter banned the IP. In example:

2023-04-19 16:00:11,624 fail2ban.actions [745]: NOTICE [apache-antibot] Ban

user from was banned because of apache-antibot filter. To unban him you need to specify which filter (jail) caught the action and his IP, e.g:

fail2ban-client set apache-antibot unbanip
Was this article helpful?
0 out of 0 found this helpful