On 05/08/2019 08:50, Jon LaBadie wrote: > > I've found the default 10min bans hardly bother some attackers. > So I've added the "recidive" feature of fail2ban. After the > second 10min ban, the attacker is blocked for 1 week. > Interesting, didn't know about that feature, but, oh, I just generally ban for a whole week regardless, yes, I realise that a typo might set it off for a actual user, but I have other methods of entry to unban if that happens, and we have a number of whitelisted IPs that cover most things like that for most use cases, and a VPN within the whitelist that can be used if the public services get locked out.