On 05/08/2019 08:50, Jon LaBadie wrote:
I've found the default 10min bans hardly bother some attackers.
So I've added the "recidive" feature of fail2ban. After the
second 10min ban, the attacker is blocked for 1 week.
Interesting, didn't know about that feature, but, oh, I just generally
ban for a whole week regardless, yes, I realise that a typo might set
it off for a actual user, but I have other methods of entry to unban if
that happens, and we have a number of whitelisted IPs that cover most
things like that for most use cases, and a VPN within the whitelist that
can be used if the public services get locked out.
_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
