Get the most out of your Centmin Mod LEMP stack
Become a Member

Featured Security CSF Firewall native fail2ban functionality

Discussion in 'System Administration' started by eva2000, Apr 12, 2018.

  1. fabianski

    fabianski Member

    102
    14
    18
    Feb 20, 2019
    Brazil
    Ratings:
    +36
    Local Time:
    10:30 AM
    Thanks! I'll follow the logs now
     
  2. Lav

    Lav Member

    49
    1
    8
    Feb 23, 2020
    Ratings:
    +1
    Local Time:
    7:00 PM
    1.17.8
    10.3
    Can this functionality be used with the real fail2ban installed via fail2ban.sh or do I need to make some additional adjustments in order to use both?
    Would it be a good idea to use both functionality on centmin stack at the same time?
     
  3. eva2000

    eva2000 Administrator Staff Member

    44,519
    10,165
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,736
    Local Time:
    11:30 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Use one not both as I haven't tested both. Fail2ban would have greater control and wider application usage
     
  4. BobbyWibowo

    BobbyWibowo Active Member

    196
    41
    28
    Jul 30, 2015
    Indonesia
    Ratings:
    +70
    Local Time:
    8:30 PM
    1.17.x
    10.3.x
    I was casually looking through configserver.com and found this screenshot:
    [​IMG]
    That made me wonder, is it possible to somehow still respond with an HTTP error page like that when someone with a temp-blocked IP attempt to visit any vhosts in the server?
    As far as I'm aware, right now any blocked IPs will simply get hit by connection timed out, as the server won't even bother responding or something along that line.

    UPDATE: Ah yes. Found the relevant information on https://download.configserver.com/csf/readme.txt, specifically point 14. Messenger Service. There doesn't seem to be any eva-flavored guides in the forum so it seems I'll have to stumble through by my own :(
     
  5. eva2000

    eva2000 Administrator Staff Member

    44,519
    10,165
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,736
    Local Time:
    11:30 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Yes the CSF readme at https://download.configserver.com/csf/readme.txt has alot of additional info folks should read if they want to learn more about CSF Firewall. It's why it's linked to at bottom of official Centmin Mod CSF Firewall page at CSF Firewall - CentminMod.com LEMP Nginx web stack for CentOS :)
     
  6. cheirekov

    cheirekov New Member

    2
    0
    1
    May 14, 2020
    Ratings:
    +0
    Local Time:
    4:30 PM
    Hi there, First of all thank you for your helpful forum and exact this post
    i have some problems to apply one string from my nginx acccess.log to apply custom regex for CSF
    my current log line that i want to match is :
    87.227.227.227 - - [13/May/2020:17:49:26 +0200] "GET /player_api.php?username=0232306793&password=SBmMBsOl HTTP/1.1" 200 24 "-" "-"
    i wan to match exact:
    player_api.php
    and the return of:
    200 24
    please help me for working regex
    Thanks !!!