Sysadmin Csf firewall doesn't block ip

fail2ban just installing it won't do much when paired with csf firewall. You need to properly configure fail2ban in general + configure for CSF firewall usage for specific applications like Centmin Mod installed nginx. fail2ban isn't something you can just yum or source install and will work out of the box as is.

I have been doing internal private testing for Centmin Mod Nginx + CSF FIrewall + fail2ban configuration as well which covers application level fail2ban profiles for Centmin Mod Nginx, wordpress, xenforo, vbulletin etc. CSF Firewall LFD handles banning brute force TCP level attacks like SSHD brute force but doesn't handle application level like fail2ban for log in failures to web apps.

 

try uninstalling fail2ban and try again, could be some conflict ?

 

yes cloudflare will render any local CSF / iptables blocking useless as iptables can't see the real IP of the visitor once Cloudflare or any reverse proxy is in front of it. Nginx can as you setup a realip forward from Cloudflare passed onto Nginx when configured properly i.e. from @Oxide's thread at CF => Nginx Rev => Nginx/PHP .. How? | Centmin Mod Community

actually @Oxide has a guide on for workaround of sorts when using Lua Nginx module which is optionally supported in Centmin Mod 123.09beta01 and higher branches How to limit requests, and ban those hitting the limit | Centmin Mod Community

 

actually @Oxide has a guide on for workaround of sorts when using Lua Nginx module which is optionally supported in Centmin Mod 123.09beta01 and higher branches How to limit requests, and ban those hitting the limit | Centmin Mod Community

 

yeah true