Question

Setting up fail2ban, Jails won't enable

I was following the tutorial found here: https://www.ukhost4u.com/how-to-protect-an-apache-server-with-fail2ban-on-ubuntu-20-04/ (I can't find a new DigitalOcean one); it has me add Apache jails. When I set this up, it seems many auto-populated. I tried adding the additional info to those entries, but when I run the IP tables, they don't show up blocking anything. I tried adding them under “JAILS” as the tutorial showed, and fail2ban refused to run. So I deleted everything I changed in JAILS and pasted in the original info for Apache etc., and it still only shows one JAIL operating, and that's SSHD, when I check the status.

Attached are the lines from the config file under JAIL that relate to APACHE:

```
# # JAILS
# #
#
# #
# # SSH servers
# #
#
# [sshd]
#
# # To use more aggressive sshd modes set filter parameter "mode" in jail.local:
# # normal (default), ddos, extra or aggressive (combines all).
# # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details.
# #mode   = normal
# port    = ssh
# logpath = %(sshd_log)s
# backend = %(sshd_backend)s
#
#
# [dropbear]
#
# port     = ssh
# logpath  = %(dropbear_log)s
# backend  = %(dropbear_backend)s
#
#
# [selinux-ssh]
#
# port     = ssh
# logpath  = %(auditd_log)s
# [apache-auth]
# port     = http,https
# logpath  = %(apache_error_log)s
#
#
# [apache-badbots]
# # Ban hosts which agent identifies spammer robots crawling the web
# # for email addresses. The mail outputs are buffered.
# port     = http,https
# logpath  = %(apache_access_log)s
# bantime  = 48h
# maxretry = 1
#
#
# [apache-noscript]
#
# port     = http,https
# logpath  = %(apache_error_log)s
#
# [apache-overflows]
#
# port     = http,https
# logpath  = %(apache_error_log)s
# maxretry = 2
#
#
# [apache-nohome]
#
# port     = http,https
# logpath  = %(apache_error_log)s
# maxretry = 2
#
#
# [apache-botsearch]
#
# port     = http,https
# logpath  = %(apache_error_log)s
# maxretry = 2
#
#
# [apache-fakegooglebot]
#
# port     = http,https
# logpath  = %(apache_access_log)s
# maxretry = 1
# ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip>
# [apache-modsecurity]
#
# port     = http,https
# logpath  = %(apache_error_log)s
# maxretry = 2
#
#
# [apache-shellshock]
#
# port    = http,https
# logpath = %(apache_error_log)s
# maxretry = 1
```

Any help is appreciated. TTIA.


Hi @beeivey,

Can you show the Apache Jails, the file’s location and name and its contents here in order to further assist?

Additionally, what was the error you were getting when you configured them?
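
One way to collect what the reply above asks for, as an added example that is not part of the original thread or of fail2ban itself: this Python sketch reads one jail file and reports which stanzas are enabled, disabled, or present only as comments. It assumes the stock `[DEFAULT]` value of `enabled = false`; `jail_states` and the sample text are hypothetical, and fail2ban's merging of `jail.conf`, `jail.local` and `jail.d/` is not modeled.

```python
import re

# Constructed sample in the style of /etc/fail2ban/jail.local (not the poster's file).
SAMPLE = """\
[DEFAULT]
enabled = false
[sshd]
enabled = true
[apache-auth]
port    = http,https
logpath = %(apache_error_log)s
[apache-badbots]
enabled = true
# [apache-noscript]
# enabled = true
"""

HEADER = re.compile(r"^\[([^\]]+)\]$")
COMMENTED_HEADER = re.compile(r"^[#;]\s*\[([^\]]+)\]$")
ENABLED = re.compile(r"^enabled\s*[=:]\s*(\S+)", re.IGNORECASE)
TRUTHY = {"1", "yes", "true", "on"}   # spellings this sketch counts as true (assumption)
NOT_JAILS = {"DEFAULT", "INCLUDES"}   # sections that configure defaults, not jails

def jail_states(text, default_on=False):
    """Map each jail in one file to 'enabled', 'disabled' or 'commented out'."""
    live, commented, section = {}, set(), None
    for line in (raw.strip() for raw in text.splitlines()):
        if m := COMMENTED_HEADER.match(line):
            commented.add(m.group(1))           # stanza exists only as a comment
        elif not line or line[0] in "#;":
            continue                            # blank line or ordinary comment
        elif m := HEADER.match(line):
            section = m.group(1)
            if section not in NOT_JAILS:
                live.setdefault(section, None)  # None = inherit from [DEFAULT]
        elif (m := ENABLED.match(line)) and section:
            on = m.group(1).lower() in TRUTHY
            if section == "DEFAULT":
                default_on = on
            elif section not in NOT_JAILS:
                live[section] = on
    states = {name: "commented out" for name in commented.difference(live)}
    for name, on in live.items():
        states[name] = "enabled" if (default_on if on is None else on) else "disabled"
    return states

if __name__ == "__main__":
    for name, state in sorted(jail_states(SAMPLE).items()):
        print(f"{name:20} {state}")
```

Comparing this per-file view with the jail list from the status check shows whether a stanza is missing `enabled = true` or is never read as a section at all.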