Search results

Hi mr-wolf, it came from br. I'll try ipset-country script, but first I'm tring to configure f2b to use ipset (and not iptables). Then I'll configure your script to work with f2b. Thank you for your support.

Hi UFHH01, I have iptables-ipset-proto* files in action.d directory. So I don't understand it. Why cannot f2bmng found it ?

Hi, I know this is an old thread, but since 2014 no f2bmng is been modify. I'm tring to use ipset on f2b, but without success. I've the same error : Error: f2bmng failed: ERROR Found no accessible config files for 'action.d/iptables-ipset-proto6.conf' under /etc/fail2ban ERROR Error in action...

Hi mr-wolf, I have had a bruteforce attack (Question - Brute force attack has put down dovecot service) and I've found some scripts for f2b for nginx (www), but nothing for pop3,pop3s. Do you think that I can protect my dovecot service with bruteprotect from your ssh script ?

Hi, I've received some email from watchdog that inform me that dovecot service is down for about 10 minutes, and then it is been restarted. So, I've read some log and I found that from an only ip, my server has received a series of attempts to access on dovecot. Now, I would like to know why my...

Hi mr-wolf, for now I want to set, only black-countries, so I think that the white control I can leave empty...Is it's ok, how can I add "this line after "-A INPUT -p tcp -m tcp --dport 22 -j f2b-SSH" ? I have create the script and the conf file on /usr/local/sbin, but I cannot understand how...

Thanks UFHH01. But if I have understood, this solution redirect all domains even if there isn't any certificate. So, this is the problem: what can I do when I have a domain without ssl support ?

I've read this discussion, but I didn't find any info about horde webmail. Where can I force https for those domains that have a SSL certificate ? Thank you

this is the output :f2b-SSH - [0:0] -A INPUT -p tcp -m tcp --dport 22 -j f2b-SSH -A f2b-SSH -s 103.89.88.130/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-SSH -j RETURN ..yes...we're wolf...;)

Hi, I've implemented fail2sql with success (thanks to this thread), but I've found that in my DB are logged only ssh port. That's strange because I've some ftp nad postfix in my fail2ban log but no one are write in the db. Why ?

hi mr-wolf, I'm tring to implent some country block rules, and I have a question about your example; my iptables look like this : 13 f2b-SSH tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 Can I implement ipset even if I have Fail2Ban to check my ssh ? Thank you

Hi mr-wolf, this morning I've make a backup of my server and while I've testing some services, I try to install ipset. Yes, it's work. I'm on VmWare and I found an article that on OpenVz there is a bug with ipset. So, now I'm try to set some of your scripts, because there are too much traffic on...

Hi, I'm using this simple txt record : v=spf1 +a +mx -all +a:your.plesk.server.name +ip4:IP.your.server for all domains configure on server. This help your customer to send email without being detected as spam.

Hi mr-wolf, I'll test asap. Now I'm configuring other services and I cannot test it for a while.

Thank you mr-wolf, but I'm on virtual machine, so I cannot use ipsec and so your script (wordfence and enhance fw). I'll try to search for some other mod. Anyway thank you

So isn't this possibile in a virtual ambient (vmware, virtuozzo, hyper-v, etc) ? is it ?

Hi, is there a reason because bind-address in my.cnf is empty ?

Hi mr-wolf, thank you for your support, but I have detected several brute force attacks from my country, so I don't think that this solution is for me. So, I'm tring to find datedetector.py so I can configure it and then I can see if someone it's tring to access to 3306.

Hi Trialotto, how can I parse the log output format ? I cannot find datedetector in /usr/share/fail2ban/server, so what can I do ? Thank you P.S.: I'm on CentoOS 7.3 with plesk 17.5.3

Hi, i've done other tests, and probably I found the error; I've changed the interval for detection of subsequent attacks and now seems that recidive works as expected. So, I would like to know if I understand how it works: after the max numbers of failed login attempts (ssh, ftp, postfix, etc.)...