# Fial2ban

# What is fail2ban?

Fail2ban is a program that allows you to block unsolicited traffic from specific IP addresses.

# How does fail2ban work?

Fail2ban analyzes traffic passing through the web server, and when execution of certain conditions is noticed, blocks traffic from the source IP address.

# Commands for managing fail2ban after the Keitaro tracker has been installed.

To enable fail2ban traffic analysis, run the command in the console:

  • kctl-fail2ban enable

To turn off fail2ban traffic analysis, run the command in the console:

  • kctl-fail2ban disable

To determine the fail2ban status, run the command in the console:

  • kctl-fail2ban status

# Config fail2ban

The config setting-up file is located in /etc/keitaro/fail2ban/keitaro-jail.conf Example of configuration parameters: maxretry = 3 # Number of found requests to consider the source as the source of unsolicited traffic. findtime = 60 # The time it takes to search unsolicited traffic, in seconds. bantime = 600 # The time for which the source of unsolicited traffic is blocked, in seconds.

Last Updated: 6/10/2021, 12:50:06 PM