Get the most out of your Centmin Mod LEMP stack
Become a Member

fail2ban - Not banning? (Cloudflare firewall works)

Discussion in 'Other Centmin Mod Installed software' started by deschlong, Aug 20, 2018.

  1. deschlong

    deschlong New Member

    20
    5
    3
    Mar 1, 2018
    Ratings:
    +8
    Local Time:
    11:53 AM
    1.15
    10.1
    Hello there,

    currently playing around with the fail2ban install (Provided here).

    I tried with csf first and it seems that I am getting banned via fail2ban logs, but I still have access to /wp-login.php and could 'brute' force the login, while cloudflare gives me 'access denied' after 5 attempts.

    I basically just installed it via the script and tried to 'brute force' the /wp-login.php via mobile.

    Code:
    csf -g IP 
    
    says that I am banned aswell, but still.. access is granted.

    CSF is supposed to ban me after 5 fails if I understand it correctly, or?
     
  2. eva2000

    eva2000 Administrator Staff Member

    36,054
    7,910
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,192
    Local Time:
    7:53 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Are you behind Cloudflare for Centmin Mod Nginx + fail2ban ? If behind Cloudflare, fail2ban + CSF Firewall config won't work as CSF Firewall can't see real ips and only sees Cloudflare IPs at network level.

    If behind Cloudflare, only fail2ban + cloudflare API mode will work as fail2ban passes ban IPs onto Cloudflare's Firewall via their API.
     
    • Informative Informative x 1
  3. deschlong

    deschlong New Member

    20
    5
    3
    Mar 1, 2018
    Ratings:
    +8
    Local Time:
    11:53 AM
    1.15
    10.1
    Behind Cloudflare, yeah.. makes sense now. Got it, thanks!

    Guess I need to change to cloudflare for every jail aswell, right?
     
  4. eva2000

    eva2000 Administrator Staff Member

    36,054
    7,910
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,192
    Local Time:
    7:53 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    • Winner Winner x 1
  5. deschlong

    deschlong New Member

    20
    5
    3
    Mar 1, 2018
    Ratings:
    +8
    Local Time:
    11:53 AM
    1.15
    10.1
    Awesome, thanks!

    The more I dig into CMM the merrier I love it.

    Everytime I setup a small debian server and apply a small 'post install script' I switch to CentOS with CMM because something is missing, too much hassle, etc. on a debian server. Thanks eva for all this!
     
    • Like Like x 1
  6. eva2000

    eva2000 Administrator Staff Member

    36,054
    7,910
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,192
    Local Time:
    7:53 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Glad to hear - I too can't see myself using anything else but Centmin Mod (though I am biased) :D
     
    • Funny Funny x 1
..