Fail2Ban
Is a Software to ban IPs based on behaviors, such as denied logging guessed from logs.
Usage¶
Directories¶
jail.d: which log file to monitor and when as well as how long a threat actor should be bannedfilter.d: which log entries are relevant for Fail2ban to monitor and act onaction.d: what to do
Command-line¶
fail2ban-client set <JAILNAME> unbanip XX.XX.XX.XXto unban an IP
Within Docker to update Cloudflare¶
- This repo offers a container version
- This blog post highlight how to update a Cloudflare List from Fail2Ban
- Then use this list in a Custom Rule in Domain → Security → Security Rules
- See my repo for an example with Vaultwarden