| docs

Appearance

Fail2Ban Settings

The Fail2Ban Settings section allows administrators to configure jails and actions for protecting services like SSH and FTP from unauthorized access and brute-force attacks.

URL: /admin/fail2ban/fail2-ban-settings

Tabs

1. Jails

Fail2Ban Settings - Jails Tab

SSHD Jail

  • SSHD Jail (Toggle) – Enables or disables the SSHD jail, which helps protect the SSH service from unauthorized access.
  • Find Time – Time period in which a host must exceed the maximum number of failed login attempts to trigger a ban.
    • Default: 1800 minute/s
    • Options: seconds/s, minute/s, hour/s
  • Ban Time – Duration that an IP address will remain banned after detection.
    • Default: 7200 minute/s
    • Options: seconds/s, minute/s, hour/s
  • Ban Action – Method for blocking an IP address when a ban is triggered.
    • Options:
      • iptables
      • iptables-new
      • iptables-multiport
      • shorewall
      • firewalld-allports
      • firewalld-rich-rules
      • firewalld-ipset
      • firewalld-multiport
  • Max Retry – Maximum number of failed login attempts allowed within the Find Time period.
    • Default: 4
  • Log Path – Path to the log file Fail2Ban will use to monitor and detect intrusions.
    • Default: /var/log/fail2ban.log

vsFTPD Jail

  • vsFTPD Jail (Toggle) – Enables or disables the vsFTPD jail to protect the FTP server from unauthorized access.

2. Actions

Fail2Ban Settings - Actions Tab

Report Actions

  • Destination Email – Email address to which notifications will be sent.
    • Default: null
  • Sender – Sender email used for outgoing ban notifications.
    • Default: null
  • MTA – Mail transfer agent used to send ban notifications.
    • Options:
      • sendmail
      • mail
  • Protocol – Communication protocol used for sending ban notifications.
    • Options:
      • tcp
      • udp
  • Port – Port range to be banned. By default, it covers all ports from 0–65535.
  • Ban Action – Default action for banning (applies globally or per jail).
    • Options:
      • iptables
      • iptables-new
      • iptables-multiport
      • shorewall
      • firewalld-allports
      • firewalld-rich-rules
      • firewalld-ipset
      • firewalld-multiport

Save Changes

Both tabs include a Save changes button to persist configuration updates.