By derrickr
I’ve had fail2ban running on my Ubuntu 16.04 droplet for ~7months and it seems to be doing its job.
However, every time I need to do a reboot I get inundated with thousands of fail2ban notifications.
From what I understand fail2ban has a persistent database in ‘/var/lib/fail2ban/fail2ban.sqlite3’ so I’m wondering:
-
How to check that persistent database is actually being used? *note: the database has a recent last modified date/time, so I guess this confirms that at least the IPs being banned are being written to it, but how can I tell that it’s actually being read/used?
-
How to stop email being sent on reboot, if the banned IPs are already in the database?
The nearest relevant article I’ve found is: https://serverfault.com/questions/158327/fail2ban-save-banned-ips-after-restart but this doesn’t make any difference.
I’d appreciate any advice / pointers, as I’ve been trawling the net and can’t really find any decent/definitive articles/tutorials.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.