Ban IPs from Brute Forcing Logins

Hello, just one question.

Is there a way to to temporarily lockout a IP that does too many incorrect passwords and ban them if they continue? Also if there is a feature like that is there a way to add your IP address so you don’t get banned?

Thank You and love the CP.

IP Banning is already implemented over fail2ban and has the behaviour you wrote.

For whitelist, check this post: IP keeps getting Banned even though its whitelisted - #3 by johnny

1 Like

Sorry for the misunderstanding I mean the login for the DASHBOARD not SSH.

Earlier, even I misunderstood and thought it would be a nice feature request, just like it is in CSF firewall. It works a bit different than fail2ban.

But fail2ban will do that for you too, if properly configured.

That is easy to configure. You can open in the configuration area in Hestia, go to firewall settings and block that Single IP or the IP/24. It will remain in the system blocked until you remove it from the settings. So it will not be a temporary one, though.

A temporary block could be easily achieved through the CSF firewall, if you want to have a more advanced solution. CSF will do that automatically for you, if you configure it in csf.conf properly.

Dashboard is on the same way protected as SSH…

5 failed login attempts and it will ban you…

(Or 5 failed attempts to request a new password)

or 7 times failing to enter the correct 2fa code…

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.