# Fail2Ban

# What is Fail2Ban?

Fail2Ban is a program that allows you to block unsolicited traffic from specific IP addresses.

# How does Fail2Ban work?

Fail2ban analyzes traffic passing through the web server, and when execution of certain conditions is noticed, blocks traffic from the source IP address.

# Commands for managing Fail2Ban after the Keitaro tracker has been installed

To enable Fail2Ban traffic analysis, run the command in the console:

  • kctl-fail2ban enable

To turn off Fail2Ban traffic analysis, run the command in the console:

  • kctl-fail2ban disable

To determine the Fail2Ban status, run the command in the console:

  • kctl-fail2ban status

# Config Fail2Ban

The config setting-up file is located in /etc/keitaro/fail2ban/keitaro-jail.conf.

Example of configuration parameters:

    maxretry = 3 # Number of found requests to consider the source as the source of unsolicited traffic.
    findtime = 60 # The time it takes to search unsolicited traffic, in seconds.
    bantime = 600 # The time for which the source of unsolicited traffic is blocked, in seconds.
  • What is Fail2Ban?
  • How does Fail2Ban work?
  • Commands for managing Fail2Ban after the Keitaro tracker has been installed
  • Config Fail2Ban