We were looking into it and would have solved it, but since it required running several commands in the terminal, he ultimately decided that Hestia is not the control panel he needs. If you have the same issue or a similar one, open a new topic and we’ll take a look.
1 Like
I think that HestiaCP needs some sort of ‘Hire a Pro’ feature?
I think that HestiaCP is the best CP in the world.
I just don’t think that EVERY person needs to be a level-4 linux server admin.
I know I have to learn still. I had some incidents today. Not comfortable talking about them with ANYONE. I kinda wish I could call someoone and pay $100 for 10 minutes of their time.
No dont have the problem any more as i was able to fix it and was going to offer assistance
1 Like
what issue are you having
Right now, my Fail2Ban stopped banning new IPs.
I TRIED adding an IPv6 banlist the other day.
I keep getting ‘false positives’ in UptimeRobot website monitoring.
I’m looking through logs now, I Just don’t SEE anything wrong.
Gemini_Prompt
I’d like to alter this Fail2Ban config so that I write to the CURRENT logs, and I ALSO write to ONE CENTRAL fail2ban log in the path /fail2ban/fail2ban.log
Gemini_Answer
. Configure logpath to include both locations:
For each jail, you’ll modify the logpath parameter to include both the original log file and your central /fail2ban/fail2ban.log. You can achieve this by separating the paths with a space.
`[ssh-iptables]
enabled = true
filter = sshd
action = hestia[name=SSH]
logpath = /var/log/auth.log /fail2ban/fail2ban.log
maxretry = 5
[vsftpd-iptables]
enabled = false
filter = vsftpd
action = hestia[name=FTP]
logpath = /var/log/vsftpd.log /fail2ban/fail2ban.log
maxretry = 5`
I ALSO am a bit confused about this feature in Fail2Ban configuration
I’d like to use my DynDNS address, but I’m a TINY bit concerned that it’s not going to be ‘always current’. I think that my ROUTER (DDWRT) only allows me to update the DynDNS once a day. I’m trying to config a LXC container that will update it ‘more often’.
But then that leaves me with TWO urls.
I didn’t think that it was permitted to WHITELIST a FQDN in this manner.
I would have done this a long time ago.
#Uncomment and add your IPs and or domains to the Whitelist
#[DEFAULT]
#ignoreip = 111.111.111.111 222.222.222.222 subdomain.example.tld example.tld 333.333.333.333
Yes, it’s permitted.
cat >/etc/fail2ban/jail.d/whitelist.local <<EOF
[DEFAULT]
ignoreip = here.your.dyndns.domain
EOF
systemctl restart fail2ban
Every time your dns record changes, fail2ban will use it, no need to restart fail2ban to get the new ip.
That won’t write anything neither to /var/log/auth.log nor to /fail2ban/fail2ban.log. Directive logpath is used to search for messages on those log files.
You should already have a central log for fail2ban /var/log/fail2ban.log