5 Aug
2019
5 Aug
'19
8 a.m.
On 05/08/2019 08:50, Jon LaBadie wrote:
I've found the default 10min bans hardly bother some attackers. So I've added the "recidive" feature of fail2ban. After the second 10min ban, the attacker is blocked for 1 week.
Interesting, didn't know about that feature, but, oh, I just generally ban for a whole week regardless, yes, I realise that a typo might set it off for a actual user, but I have other methods of entry to unban if that happens, and we have a number of whitelisted IPs that cover most things like that for most use cases, and a VPN within the whitelist that can be used if the public services get locked out.