fail2ban

Hi admin please integrate fail2ban on cyberpanel interface… :slight_smile:

We can do that.

@usmannasir said:
We can do that.

great… Best make a Panel Roadmap so we know whats coming features…

When can we expect fail2ban integration?

+1 for fail2ban

@usmannasir Can we expect Fail2Ban in an upcoming release? And simple installation/config of Redis/LS-Memcached?

It will be done, but not in the priority list now.

+1 for fail2ban

+1

+1 for fail2ban is a in priority.
The Fail2ban tool allows you to block access from IP addresses with a large number of incorrect logins. The fail2ban program can be used not only for SSH, it can protect various forms of web authentication, FTP, and prevent DoS attacks on the server.

I would also like to see the possibility of conveniently adding IP addresses from which FTP and SSH connections are allowed when you create an FTP user and ssh user.
This will significantly improve the security of brute force passwords for the corresponding ports.

For example, vestacp uses fail2ban to protect the following ports:

  1. panel entry port (8090 in our case)
  2. 22 - ssh
  3. 21 - ftp
  4. 110, 995 - pop3
  5. 143, 993 - imap
  6. smtp - 25, 587, 465 (SMTP over SSL)
  7. mysql - 3306

Many thanks for the development and support of CyberPanel

+1

We can do that.

CSF firewall have integrated anti bruteforce guard?

+1 for fail2ban

We can do that.

CSF firewall have integrated anti bruteforce guard?

Yes CSF comes with LFD which is login failed daemon and fully does all that fail2ban does but better and easier to use.

If you install CSF with LFD which is default it will do all that for you. I committed a patch already for cyberpanel to set those good defaults up so it works for centos/ubuntu and monitors all the ssh/ftp/email modsec etc logs. It can even monitor custom logs.

See the below links.

https://github.com/usmannasir/cyberpanel/blob/1.8.0/plogical/csf.py

I have used both CSF+LFD and APF+Fail2ban and i have always preferred CSF and LFD over fail2ban.

More about CSF > ConfigServer Security & Firewall (csf)
https://download.configserver.com/csf/readme.txt

Is there a roadmap for Cyberpanel development?
Is Fail2ban in that roadmap?

After 2 year still nowhere Fail2ban??? I want coming from aaPanel, but is important Fail2ban first…

@whattheserver I will check out the links provided, but I have always used F2B and the only reason I was looking as I spent hours and still getting syn packets constantly and I am not certain if it relates to the sites being unable to load, although there is little server load and the pipe into the co-located server is large. But as I said, will check the docs again … but this is also my…

+1 for F2B

+1 for fail2ban