Question [Fail2Ban] How redirect banned traffic to a static page?

[Tomek]

Right now when Fail2Ban ban the website owner IP, the user does not know what is happening. He thinks that his website is down.

I would like to let the user know that his IP has been banned and provide contact information.

I am thinking of redirecting traffic to a static page with this information.

But how to make it? How redirect banned traffic to a static page?

Or maybe there is a better solution to this problem?

 

[Bitpalast]

Fail2Ban places a rule in iptables by which the traffic (the actual data packets) are blocked. It is not possible to redirect such packets to a specific website, as they are blocked on a low level that does not know anything about the existance of websites.

 

[Tomek]

Thank you very much Peter for your response and explanation.

In other words, there is no way to tell the user that he has been banned?


I especially think about plesk-wordpress and plesk-modsecurity jail.

With enabled plesk-modsecurity jail, it is practically impossible to use Wordpress plugins and not be banned.

Does ModSecurity need enabled plesk-modsecurity jail in Fail2Ban to work properly?

 

[Bitpalast]

ModSecurity is independent of Fail2Ban. These two are different things. ModSecurity blocks single URL requests that match a certain URL pattern. It does not block IP addresses.

The ModSecurity jail is a Fail2Ban jail that reads ModSecurity data and blocks IP addresses that have before been blocked in the ModSecurity context. The "modsecurity" fail2ban jail is not required for ModSecurity to operate correctly.

 

[Tomek]

This is good news

I will turn off the plesk-modsecurity jail and I will check how everything works.

Again, thank you very much Peter


I ask to be sure. There is no way to tell "plesk-wordpress jail" banned users, that they have been banned?