ban numbers.

Discussion in 'Feature Requests' started by nhybgtvfr, Aug 30, 2019.

  1. nhybgtvfr

    nhybgtvfr Active Member

    an option to show the number of ban's created by fail2ban in the ispconfig interface for all customers to see.
    maybe something that runs something like grep Ban /var/log/fail2ban.log | wc -l every minute and updates a field(s) in the ispconfig database.
    can then maybe show number of bans so far today, this week, month to date, year to date.
    further possibilities to show ftp bans, ssh bans, wp-login bans etc, in total or by server if in a multi-server setup.

    would then also be easy to take those numbers from the ispconfig database and display them wherever we wanted within our own website.
    hopefully being able to see just how many brute force password attempts are being attempted on their hosting server would encourage people to pick stronger passwords, install some more wordpress/drupal/joomla/whatever security, and maybe update their bloody 10 year old version of the cms once in a while.

    (from someone who's pissed off at customers complaining about our servers being insecure (they aren't.) when their wordress 3.* :eek: site gets hacked because they won't bloody update it :mad:)
    we could also then finally remove php5.6 from our servers without them all complaining we've broken their site.

    oh to be able to tell customer's we'll just turn their site off if their cms is more than eg 5 minor versions behind the latest release...… :D
    (maybe that could be a feature for ispprotect….)
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    I installed logwatch, it e-mails daily summaries of several log files, including fail2ban. https://packages.debian.org/buster/logwatch
    Code:
    --------------------- fail2ban-messages Begin ------------------------
    
     
     Banned services with Fail2Ban:                             Bans:Unbans
        dovecot:                                                [  3:3  ]
        postfix-sasl:                                           [219:222]
        pure-ftpd:                                              [  3:3  ]
        sshd:                                                   [457:453]
     
     ---------------------- fail2ban-messages End ------------------------- 
     
  3. nhybgtvfr

    nhybgtvfr Active Member

    nice, will take a look at that, but i'm thinking specifically of something that will display these numbers near live in the control panel so that all our customers can see them increasing. I want to scare customers into paying more attention to security and updates.
     

Share This Page