GUI Fail2ban not working

VitalPBX Community Support General Discussion GUI Fail2ban not working

Up
0
Down
  • Post
    DannyLarsen
    Participant
    none

    Ver 2.0.0-5

    The Intrusion detection for the GUI login does not block access to the GUI 

    The fail2ban.log shows the incorrect login and the action of being block, the system also sends an email that the ip has been blocked

    However I can still login from the blocked IP 

    Firewall and Intrution Detection are both enabled

    Am I missing something?

    Thank you

    0
Viewing 15 replies - 1 through 15 (of 27 total)
  • Replies

    How many tries do you have configured?, are you sure that you reach the maximum tries?

    By default the intrusion detection comes with 5 tries allowed. I test by my self, and is working as expected

    0

    Check if the ip address that you are using is not in the whitelist

    0
    DannyLarsen
    Participant
    none

    It looks like this is a problem of the vps I am using, I tested on a real server and it works

    Is it possible to define the venet in fail2ban on a vps so fail2ban can utilize it

    0

    It looks like an issue, it happens when the email notifications are enabled, may you try with the email notifications disable in your VPS?

    0
    DannyLarsen
    Participant
    none

    I have removed the email entry in this field “And Send a Notification Email To” 

    Not sure if that is what you meant

    Also I am finding that I have to refresh the page to see the Ban List, the banned addresses show up there after a page refresh but are not blocked

    0

    Try to update the VitalPBX Fail2ban config: 

    yum update vitalpbx-fail2ban-config

    Let me know if that fix your issue

    0
    DannyLarsen
    Participant
    none

    It returns 

    “No packages marked for update”

    0

    Yep, you must to clean cache first

    yum clean all

    rm -rf /var/cache/yum

    yum update vitalpbx-fail2ban-config
    0
    DannyLarsen
    Participant
    none

    OK now updated to ver 1.0.0-3  shows the banned ip address but still lets me in

    I disabled and enabled the service and tried logging in with a bad password 10 times (set for 5 max) still lets me access the login page and log in

    0

    That only happens in your VPS? What kind of VPS do you have?

    0
    DannyLarsen
    Participant
    none

    woothosting cloud vps is the service

    0

    is it a dedicated VPS? do you have full access to it?

    0
    DannyLarsen
    Participant
    none

    It may be shared with my other vps on the same service 

    Yes I have full access ssh etc…

    0
    DannyLarsen
    Participant
    none

    But each has a static public  ip address 

    0

    Try the following:

    yum install -y fail2ban-systemd fail2ban-firewalld python-inotify
    systemctl restart fail2ban

    Then post the result of the following command:

    fail2ban-client get vitalpbx-gui logpath
    0
Viewing 15 replies - 1 through 15 (of 27 total)
  • You must be logged in to reply to this topic.