fail2ban

kaz050457 · February 10, 2018, 3:27pm

Hi admin please integrate fail2ban on cyberpanel interface…

usmannasir1 · February 10, 2018, 6:46pm

We can do that.

kaz050457 · February 10, 2018, 11:45pm

@usmannasir said:
We can do that.

great… Best make a Panel Roadmap so we know whats coming features…

beactive · September 28, 2018, 10:08pm

When can we expect fail2ban integration?

gleert · September 29, 2018, 10:19pm

+1 for fail2ban

beactive · October 3, 2018, 12:00pm

@usmannasir Can we expect Fail2Ban in an upcoming release? And simple installation/config of Redis/LS-Memcached?

usmannasir1 · October 3, 2018, 12:35pm

It will be done, but not in the priority list now.

juanmaia · March 30, 2019, 8:44pm

+1 for fail2ban

Luke007 · March 31, 2019, 1:27pm

generalman · April 11, 2019, 7:25am

+1 for fail2ban is a in priority.
The Fail2ban tool allows you to block access from IP addresses with a large number of incorrect logins. The fail2ban program can be used not only for SSH, it can protect various forms of web authentication, FTP, and prevent DoS attacks on the server.

I would also like to see the possibility of conveniently adding IP addresses from which FTP and SSH connections are allowed when you create an FTP user and ssh user.
This will significantly improve the security of brute force passwords for the corresponding ports.

For example, vestacp uses fail2ban to protect the following ports:

panel entry port (8090 in our case)
22 - ssh
21 - ftp
110, 995 - pop3
143, 993 - imap
smtp - 25, 587, 465 (SMTP over SSL)
mysql - 3306

Many thanks for the development and support of CyberPanel

Hifihedgehog · April 19, 2019, 2:17pm

John_Wick_1488 · April 19, 2019, 10:39pm

We can do that.

CSF firewall have integrated anti bruteforce guard?

sgonzalez · June 11, 2019, 1:24pm

+1 for fail2ban

whattheserver · October 11, 2019, 10:32am

We can do that.

CSF firewall have integrated anti bruteforce guard?

Yes CSF comes with LFD which is login failed daemon and fully does all that fail2ban does but better and easier to use.

If you install CSF with LFD which is default it will do all that for you. I committed a patch already for cyberpanel to set those good defaults up so it works for centos/ubuntu and monitors all the ssh/ftp/email modsec etc logs. It can even monitor custom logs.

See the below links.
https://forums.cyberpanel.net/discussion/1986/csf-settings-and-log-paths-for-lfd-integration-from-the-cli#latest
https://github.com/usmannasir/cyberpanel/blob/1.8.0/plogical/csf.py

I have used both CSF+LFD and APF+Fail2ban and i have always preferred CSF and LFD over fail2ban.

More about CSF > ConfigServer Security and Firewall (csf) – ConfigServer Services
https://download.configserver.com/csf/readme.txt

Andesh · March 18, 2021, 3:02pm

Is there a roadmap for Cyberpanel development?
Is Fail2ban in that roadmap?

StealthFantom · July 13, 2021, 10:06pm

After 2 year still nowhere Fail2ban??? I want coming from aaPanel, but is important Fail2ban first…

fungal · September 16, 2021, 10:47am

@whattheserver I will check out the links provided, but I have always used F2B and the only reason I was looking as I spent hours and still getting syn packets constantly and I am not certain if it relates to the sites being unable to load, although there is little server load and the pipe into the co-located server is large. But as I said, will check the docs again … but this is also my…

+1 for F2B

captans · January 27, 2022, 9:57pm

+1 for fail2ban

rssperky · February 11, 2023, 3:32pm

plus 1 for fail2ban

engrrajonahmed · February 11, 2023, 4:10pm

I believe you can install Fail2Ban and integrate it in an unofficial way.

Install CyberPanel.
Install: $ apt install -y fail2ban
Configuration:

$ cat <<EOF | sudo tee /etc/fail2ban/jail.d/00-firewalld.conf 
DEFAULT
banaction = firewallcmd-ipset
EOF

Reboot