User Tools

Site Tools


fail2ban scans log files and bans malicious IPs. Default values are quite gentle - change bantime (the duration in seconds for IP to be banned for - default 10 minutes) and findtime (unban the IP if no match is found in the logs within “findtime” seconds).

For some services, say ssh and mail, you can increase these values - for example, set findtime to 24 hours (if it is too short, you loose a lot of blocked IP when you restart fail2ban) and bantime to 8 hours.

bantime  = 28800 #ban for 8h
findtime = 86400 #use logs of last 24h
maxretry = 3 #default
notes/aggressive-fail2ban-settings.txt · Last modified: 2017/10/28 18:04 by admin