Fail2Ban Filters

The Filters page allows administrators to manage Fail2Ban filter definitions that detect malicious activity in log files.

Overview

URL: /admin/fail2ban-filters

This page is divided into two sections: a custom filters table at the top and a Local Filters list below.

Custom Filters

The top section displays a searchable and paginated table of custom (user-created) filters.

Columns

• Name - The filter name (e.g., apache-bad-traffic, apache-connect-abuse). Sortable.

Actions

• Test regex - Test the filter's regex patterns against log entries.
• Edit - Modify the filter configuration.
• Delete - Remove the filter.

Table Features

• Search - Filter results by name.
• Toggle columns - Show or hide table columns.

Pagination

Results per page can be set to: 5, 10, 25, 50, or All.

Creating a Filter

Click the New Fail2BanFilter button to open a dedicated create page (/admin/fail2ban-filters/create) with the following fields:

• Local Filter Profile (dropdown) - Optionally select an existing local filter to pre-fill the name and content fields.
• Name (required) - A unique name for the filter.
• Content (optional) - The filter definition containing regex patterns to match log entries (textarea).

Form Actions

• Create - Save the filter.
• Create & create another - Save and reset the form for a new filter.
• Cancel - Close the modal without saving.

Local Filters

The bottom section displays a read-only list of filters installed locally on the server (system-provided filters such as 3proxy, apache-auth, apache-badbots, apache-botsearch, apache-common, sshd, etc.).

Columns

• Name - The local filter name.

Actions

• View filter - View the filter definition (read-only).

Search

A separate search bar filters the local filters list by name.