Community Forum

0 votes
I've been doing lots of tests while trying to host two email domains on clearOS. The Attack Detector app (based on fail2ban) did not like that and decided to lock me out of the box.

I'd refereed to the app's documentation and had found the following:
If this application is installed and the 'sshd' rule is enabled, repeated failed log-in attempts will block access with your public IP address. You will need to log in using a different public IP address and White List your blocked public IP address on the Intrusion Prevention app.

I did what the document says and whitelisted the IP on the Intrusion Prevention app, but that didn't lift the ban! I had to login to SSH and issued the following command to unban the IP:

fail2ban-client set sshd unbanip

It seems the documentation is wrong in this part or I might be missing something here!
Thursday, January 11 2018, 07:33 PM
Share this post:
Responses (1)
  • Accepted Answer

    Thursday, January 11 2018, 08:33 PM - #Permalink
    0 votes
    Looks like you're right. There is no webconfig option to whitelist IP's in fail2ban/app-attach-detector. If can be done by editing the ignoreip in /etc/fail2ban/jail.local (or /etc/fail2ban/jail.conf if you insist), but I'd still expect you to have to manually unban as you did. I'll file a bug when I get the energy.
    The reply is currently minimized Show
Your Reply