Line 67: |
Line 67: |
| Mail=enabled | | Mail=enabled |
| status=enabled | | status=enabled |
| + | |
| + | Available options are below: |
| + | |
| + | * '''IgnoreIP''': a comma separated list of IP or CIDR networks which will never be blocked by fail2ban. Exemple: 12.15.22.4,17.20.0.0/16. All your local networks and networks allowed to access the server-manager are already automatically whitelisted |
| + | * '''FilterLocalNetworks''' can be enabled or disabled (default is disabled). If set to enabled, local networks won't be whitelisted, and fail2ban can also ban hosts from the internal networks. Note that networks allowed to access the server-manager are not affected (they will never be blocked) |
| + | * '''BanTime''': Duration (in seconds) of a ban. Default to 1800 |
| + | * '''FindTime''': The window fail2ban will check, in seconds. Default is 900. So, this mean fail2ban will only check for the number of failed login attempts in the last 15 minuts |
| + | * '''MaxRetry''': Number of failed attempts in the last '''FindTime''' seconds to trigger a ban. Default is 3 |
| + | * '''Mail''': can be enabled or disabled (default is enabled). If enabled, each ban will be notified by mail |
| + | * '''MailRecipient''': if '''Mail''' is enabled, the email address which should receive ban notifications. Default is root (the admin account will receive) |
| | | |
| ===Use Fail2ban=== | | ===Use Fail2ban=== |