mirror of
https://github.com/NginxProxyManager/nginx-proxy-manager.git
synced 2026-04-25 17:35:52 +03:00
[GH-ISSUE #39] [Request] Add Fail2Ban #34
Labels
No labels
awaiting feedback
bug
cannot reproduce
dns provider request
duplicate
enhancement
enhancement
enhancement
good first issue
help wanted
invalid
need more info
no certbot plugin available
product-support
pull-request
question
stale
troll
upstream issue
v2
v2
v2
v3
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/nginx-proxy-manager-NginxProxyManager#34
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @lordraiden on GitHub (Dec 25, 2018).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/39
Please consider fail2ban
https://www.fail2ban.org/wiki/index.php/Main_Page
and a 2 step verification method
https://www.authelia.com/
https://github.com/clems4ever/authelia
BTW your software is being a total sucess here https://forums.unraid.net/topic/76460-support-djoss-nginx-proxy-manager/
@vrelk commented on GitHub (Dec 31, 2018):
I agree on the fail2ban, I can see 2fa being good if it is going to be externally available.
Big thing if you implement f2b, make sure it will pay attention to the forwarded-for IP. That way you don't end up blocking cloudflare.
I switched away from that docker container actually simply because it wasn't up-to-date enough for me. I needed the latest features such as the ability to forward HTTPS enabled sites.
@jc21 commented on GitHub (Jan 3, 2019):
@lordraiden Thanks for the heads up, makes sense why so many issues being logged in the last 2 weeks! F2B is definitely a good improvement to be considered.
@vrelk Upstream SSL hosts support is done, in the next version I'll release today. Is that the only thing you needed that the docker version couldn't do?
@vrelk commented on GitHub (Jan 5, 2019):
@jc21 I guess I should have specified that I was referring to the docker container linked in the first post (unRAID). It is a few months out of date. My switch was from the jlesage fork to yours.
@macshack76 commented on GitHub (Mar 3, 2019):
please add fail2ban. otherwise you have a great software!
@WesSec commented on GitHub (Mar 26, 2019):
+1 for f2b!
@lordraiden commented on GitHub (Apr 24, 2019):
@jc21
Is there any new about the fail2ban addition?
@1337hium commented on GitHub (May 9, 2019):
also voting for fail2ban 👍
Would be great
@Fiala06 commented on GitHub (May 13, 2019):
Would also like fail2ban!
@maximberezin97 commented on GitHub (Jun 25, 2019):
Would be great to have fail2ban built in like the linuxserver/letsencrypt Docker container!
@ghost commented on GitHub (Jun 28, 2019):
Would also love to see fail2ban, or in the meantime, if anyone has been able to get it working manually and can share their setup/script
@Elmardus commented on GitHub (Jul 16, 2019):
Is there a (manual) way to use Nginx-proxy-manager reverse proxies in combination with Authelia 2FA? I love the proxy manager's interface and ease of use, and would like to use it together with a authentication service.
@jsternadel commented on GitHub (Sep 3, 2019):
+1 for both fail2ban and 2fa support. I would rank fail2ban as a primary concern and 2fa as a nice to have. With both of those features added i think this solution would be ready for smb production environments.
@neander commented on GitHub (Oct 12, 2019):
+1 for fail2ban support.
@slobberbone commented on GitHub (Oct 19, 2019):
+1 for fail2ban too !
@WesSec commented on GitHub (Oct 22, 2019):
Some update on fail2ban, since I don't see this happening anytime soon, I created a fail2ban filter myself. Create a file called "nginx-docker" in /etc/fail2ban/filder.d with the following contents
This will jail all requests that return a 4xx/3xx code on the main ip or a 400 on the specified hosts in the docker (no 300 here because of redirects used to force HTTPS)
enable the jail in the jail.local file:
The only issue is that docker sort of bypasses all iptables entries, fail2ban makes the entry but those are ignored by docker, resulting in having the correct rule in iptables or ufw, but not actually blocking the IP. Maybe someone in here has a solution for this.
@dariusateik commented on GitHub (Oct 22, 2019):
wessel145 - I have played with the same problem ( docker ip block ) few days :) finally I have working solution;
--ctorigdstport !!! mine looks like this and it works
customaction.conf
[INCLUDES]
before = iptables-common.conf
[Definition]
actionstart = -N f2b-
-A f2b- -j
-I DOCKER-USER -p -m conntrack --ctorigdstport --ctdir ORIGINAL -j f2b-
actionstop = -D DOCKER-USER -p -m conntrack --ctorigdstport --ctdir ORIGINAL -j f2b-
-X f2b-
actioncheck = -n -L DOCKER-USER | grep -q 'f2b-[ \t]'
actionban = -I f2b- 1 -s -j
actionunban = -D f2b- -s -j
[Init]
[nginx-docker]
enabled = true
logpath = /nginx-proxy-manager/data/logs/default_host.log
/nginx-proxy-manager/data/logs/proxy_host-*.log
banaction = customaction
maxretry = 3
bantime = 360
findtime = 60
NOTE: for docker to ban port need to use single port and option iptables -m conntrack --ctorigdstport --ctdir ORIGINAL
@dariusateik commented on GitHub (Oct 22, 2019):
my personal opinion nginx-proxy-manager should be ONLY nginx-proxy-manager ; as with docker concept fail2ban and etc, etc, you can have as separate containers; better to have one good nginx-proxy-manager without mixing; jc21/nginx-proxy-manager made nice job. ! thanks
@WesSec commented on GitHub (Dec 10, 2019):
@dariusateik i do not agree on that since the letsencrypt docker container also comes with fail2ban, 'all reverse proxy traffic' will go through this container and is therefore a good place to handle fail2ban.
@jsternadel commented on GitHub (Dec 10, 2019):
@dariusateik the other side of docker containers is to make deployment easy. Currently fail2ban doesn't play so well sitting in the host OS and working with a container. Setting up fail2ban is also a bit more advanced then firing up the nginx-proxy-manager container and using a UI to easily configure subdomains. Having f2b inside the npm container and pre-configured, similiar to the linuxio container, gives end users without experience in building jails and filters an extra layer of security. And those of us with that experience can easily tweak f2b to our liking. If you are using volumes and backing them up nightly you can easily move your npm container or rebuild it if necessary. I want to try out this container in a production environment but am hesitant to do so without f2b baked in. In production I need to have security, back ups, and disaster recovery.
@dariusateik commented on GitHub (Dec 10, 2019):
it is always - we could find many "yes" and many "no" ; there is no one answer... If npm will have it - why not; but i am using crazymax/fail2ban for this; more complexing docker, more possible mistakes; configs, etc; how will be or f2b integrated - should decide jc21
@jc21 commented on GitHub (Dec 10, 2019):
Personally I don't understand the fascination with f2b. There's talk about security, but I've worked for multi million dollar companies with massive amounts of sensitive customer data, used by government agencies and never once have we been hacked or had any suspicious attempts to gain access.
And we have never used f2b.
On one hand, this project's goals was for the average joe to be able to easily use HTTPS for their incoming websites; not become a network security specialist. I understand that there are malicious people out there and there are users who want to protect themselves, but is f2b the only way for them to do this?
On the other hand, f2b is easy to add to the docker container. It's the configuration of it that would be hard for the average joe. Anyone who wants f2b can take my docker image and build a new one with f2b installed.
Super secret stuff: I'm not working on v2 anymore, and instead slowly working on v3. I'll be considering all feature requests for this next version.
@dariusateik commented on GitHub (Dec 10, 2019):
100 % agree - > ... On the other hand, f2b is easy to add to the docker container
@Rami-Pastrami commented on GitHub (Jan 1, 2020):
hopping in to say that a 2fa solution (such the the one authelia brings) would be an amazing addition.
Authelia itself doesnt require a LDAP server or its own mysql database, it can use built in single file equivalents just fine for small personal installations
@JoschaMiddendorf commented on GitHub (Mar 30, 2020):
Any news on that?
@wtf911 commented on GitHub (Apr 18, 2020):
To y'all looking to use fail2ban with your nginx-proxy-manager in docker here's a tip:
In your jail.local file under where the section (jail) for nginx-http-auth is you need to add this line so when something is banned it routes through iptables correctly with docker:
chain = DOCKER-USER
@Nenodema commented on GitHub (Apr 22, 2020):
+1 for this thread. Thank jc21, great work!
@jonasrubensson commented on GitHub (Jul 14, 2020):
+1 Any news on this?
@EmmanuelZapata commented on GitHub (Aug 24, 2020):
+1 Last thing really need as of now. :)
@maxi1134 commented on GitHub (Sep 4, 2020):
+! Fail2ban would be amazing to secure our subdomains!
@jonasrubensson commented on GitHub (Oct 5, 2020):
Anyone who has a guide how to implement this by myself in the image?
@timmy1420 commented on GitHub (Oct 17, 2020):
Any update on this? Or will this be even implemented?
@iamNCJ commented on GitHub (Feb 7, 2021):
+1 Any news on this?
@pto199 commented on GitHub (Feb 23, 2021):
I too would like to see fail2ban implementation. Then I can finally switch over to Nginx proxy manager instead of using swag since this is so much easier and user friendly to use.
fail2ban already has a GUI developed for it as well (Called fail2web). I would love to see that implemented into NGinx proxy manager
@Aceriz commented on GitHub (Feb 28, 2021):
I would also love to see Fail2Ban implemented. It would be the final thing needed for me to switch to a much superior product!!!. Also would be great to see more formal support of GEOip2
@Antergosgeek commented on GitHub (May 4, 2021):
I switched to NPM recently and I have to say it has been great. The one thing I do find is missing is f2b. I have a separate container running f2b but it somehow doesn’t play well with NPM. I have trouble getting the real IPs my hope is that an integrate solution would solve that problem.
so +1 for fail2ban
@Nenodema commented on GitHub (May 5, 2021):
For all of you that would like to have f2b: try CloudFlare, the "free" edition can help you to make your NPM much safer, you can for example regulate which traffic from particular countries is allowed or blocked and your IP is not published to the entire world.
@chaptergy commented on GitHub (May 12, 2021):
I'll make this just Fail2Ban, for 2FA please use https://github.com/jc21/nginx-proxy-manager/issues/313
@Nico1320 commented on GitHub (Jul 18, 2021):
+1 for Fail2Ban, its absolutely necessary feature for applications that has no built in bruteforce protection.
@mgutt commented on GitHub (Jul 19, 2021):
Like to see Fail2Ban, too.
@chaptergy commented on GitHub (Jul 19, 2021):
As v2 is not actively developed, just patched by the official author, it will not be added in v2 unless someone from the community implements it and opens a pull request.
@hugalafutro commented on GitHub (Aug 29, 2021):
I adapted and modified examples from this thread and I think I might have it working with current npm release + fail2ban in docker:
run fail2ban in another container via https://github.com/crazy-max/docker-fail2ban
in fail2ban's
docker-compose.ymlmount npm log directory as read only like so:then create
data/filter.d/npm-docker.confwith contents:then create
data/jail.d/npm-docker.localwith contents:output of fail2ban running:
jail status:
What confuses me here is the banned address is the IP of vpn I use to access internet on my workstations. Nothing seems to be affected functionality-wise though. I confirmed the fail2ban in docker is working by repeatedly logging in with bad ssh password and that got banned correctly and I was unable to ssh from that host for configured period.
I'm not all that technical so perhaps someone else can confirm whether this actually works for npm.
@BaukeZwart commented on GitHub (Oct 19, 2021):
The above filter and jail are working for me, I managed to block myself. Thanks @hugalafutro
@mastan30 commented on GitHub (Oct 23, 2021):
@BaukeZwart , Can you please let me know how to add the ban because I added the ban action but it's not banning the IP. I can still log into to site.
This is the action I am using:
action = iptables-multiport
@BaukeZwart commented on GitHub (Oct 23, 2021):
@mastan30 I'm using cloudflare for all my exposed services and block IP in cloudflare using the API.
@mastan30 commented on GitHub (Oct 23, 2021):
@BaukeZwart Can we get free domain using cloudfare, I got a domain from duckdns and added it nginx reverse proxy but fail2ban is not banning the ip's, can I use cloudfare with free domain and nginx proxy, do you have any config for docker please?
My hardware is Raspberry Pi 4b with 4gb using as NAS with OMV, Emby, NPM reverse Proxy, Duckdns, Fail2Ban
@mastan30 commented on GitHub (Nov 1, 2021):
@BaukeZwart @hugalafutro
Finally I am able to ban Ip using fail2ban-docker, npm-docker and emby-docker.
i.e jail.d will have npm-docker.local,emby.local, filter.d will have npm-docker.conf,emby.conf and filter.d will have docker-action.conf,emby-action.conf respectively .
Folder: fail2ban/data/jail.d
npm-docker.local
emby.local
Folder: fail2ban/data/filter.d
emby.conf
npm-docker.conf
Folder: fail2ban/data/action.d
docker-action.conf
emby-action.conf
Solution: It's setting custom action to ban and unban and also use Iptables forward from forward to f2b-npm-docker, f2b-emby which is more configuring up docker network, my docker containers are all in forward chain network, you can change FOWARD to DOCKER-USER or INPUT according to your docker-containers network.
I used following guides to finally come up with this:
https://github.com/jc21/nginx-proxy-manager/issues/39#issuecomment-907795521 - setup
https://www.the-lazy-dev.com/en/install-fail2ban-with-docker/ - iptable commands etc ..
Hope this helps some one like me who is trying to solve the issues they face with fail2ban and docker networks :)
@pto199 commented on GitHub (Nov 10, 2021):
Almost 4 years now. I guess fail2ban will never be implemented :(. I guess Ill stick to using swag until maybe one day it does.
@posta246 commented on GitHub (Nov 12, 2021):
Hope I have time to do some testing on this subject, soon.
I have a question about @mastan30 solution: fail2ban-docker requires that fail2ban itself has to (or must not) be installed on the host machine (dont think, iti is in the container...)?
Because I have already use it to protect ssh access to the host... so to avoid conflicts it is not clear to me how to manage this situation (f.e. : I should unistall fail2ban on host and moving the ssh jail into the fail2ban-docker config... or what? I'm confused).
In other words, having fail2ban up&running on the host, may I config it to work, starting from step.2?
@mastan30 commented on GitHub (Nov 13, 2021):
Hi @posta246 , Yes my fail2ban is not installed directly on the container, I used it inside a docker-container and forwarded ip ban rules to docker chains. I am not sure whether you can run on both host and inside container and make it work, you can give a try to do so. But anytime having it either totally running on host or totally on Container for any software is best thing to do.
@posta246 commented on GitHub (Nov 13, 2021):
Hi, sorry me if I dont understand...:( I've tried to add the config file outside the container, fail2ban is running but seems to not catch the bad ip, i've tried your rules with fail2ban-regex too... but I noted:
[13/Nov/2021:12:16:40 +0000] 444 - GET https MY_IP "/" [Client 45.146.164.110] [Length 0] [Gzip -] "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"while fallback*.log contain:
[13/Nov/2021:14:15:00 +0000] 444 - GET https ONE_OF_THEPROXIED_DOMAIN "/api/" [Client xx.xx.xx.xxx] [Length 0] [Gzip -] "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0" "https://proxy_name"May you help me to catch the malicious clients in the fallbak*?
By the way, the jail is empty, maybe bacause some timezone errors... have to go deeply.
@posta246 commented on GitHub (Nov 13, 2021):
SUMMARY: it works, using the suggested config outside the container, on the host. Just need to understand if fallback file are useful
@henkiewie commented on GitHub (Dec 22, 2021):
It works for me also.
Adding the fallback files seems useful to me. So I added the fallback_.log and the fallback-.log to my jali.d/npm-docker.local. But is the regex in the filter.d/npm-docker.conf good for this? If I test I get no hits. I'm not an regex expert so any help would be appreciated.
@henkiewie commented on GitHub (Dec 23, 2021):
So why not make the failregex scan al log files including fallback*.log only for
Client.<HOST>if you have all local networks excluded and use a VPN for access. It works form me.
@NajibNour commented on GitHub (Jan 20, 2022):
The following regex does not work for me could anyone help me with understanding it?
UsingRegex:
Log output from npm:
DISREGARD It Works just fine! My dumbness
@TheUntouchable commented on GitHub (Feb 11, 2022):
I am currently using NPM with a MACVLAN, therefore the fail2ban container can read the mounted logs and create ip tables on the host, but the traffice from and to NPM is not going to the iptables of the host because of the MACVLAN and so banning does not work. Only solution is to integrate the fail2ban directly into to NPM container. So please let this happen! :)
@mwLabs-eu commented on GitHub (Feb 15, 2022):
Same for me, would be really great if it could added.
@arsaboo commented on GitHub (Mar 4, 2022):
@hugalafutro I tried that approach and it works. However, it has an unintended side effect of blocking services like Nextcloud or Home Assistant where we define the trusted proxies. For example, Nextcloud required you to specify the trusted domains (https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/config_sample_php_parameters.html). Similarly, Home Assistant requires trusted proxies (https://www.home-assistant.io/integrations/http/#trusted_proxies). Did you try this out with any of those?
@hugalafutro commented on GitHub (Mar 5, 2022):
@arsaboo I use both ha and nextcloud (and other 13-ish services, including mail server) with n-p-m set up with fail2ban as I outlined above without any issue.
I used to have all these on the same vm and it worked then, later I moved n-p-m to vm where my mail server is, and the vm with nextcloud and ha and other stuff is being tunelled via mullvad and everything still seems to work.
I just cobbled the fail2ban "integration" together from various tutorials, with zero understanding of iptables or docker networking etc. It seemed to work (as in I could see some addresses getting banned), for my configuration, but I'm not technically adept enough to say why it wouldn't for you.
edit:
for reference
in nextcloud I define the trusted proxy like so in config.php:
in ha I define it in configuration.yaml like so:
@captainabloc commented on GitHub (Apr 25, 2022):
Hi all,
not running on docker, but on a Proxmox LCX I managed to get a working jail watching the access list rules I setup.
In addition, being proxied by cloudflare, added also a custom line in config to get real origin IP.
/etc/fail2ban/filter.d/nginx-access.conf
/etc/fail2ban/jail.conf extract:
In NPM Edit Proxy Host added the following for real IP behind Cloudflare in Custom Nginx Configuration:
real_ip_header CF-Connecting-IP;hope this can be useful. Please let me know if any way to improve
@TituxMetal commented on GitHub (Sep 7, 2022):
This works for me: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/39#issuecomment-955873405
Hello @mastan30,
in this file fail2ban/data/jail.d/npm-docker.local
filter=npm-dockermust be specified otherwise the filter is not applied, in my tests my ip is always found and then banned even for no reason.I also adjusted the failregex in filter.d/npm-docker.conf, here is the file content:
Thank you it helps me so much!
@kmanwar89 commented on GitHub (Jan 28, 2023):
Referencing the instructions that @hugalafutro mentions here:
I attempted to follow your steps, however had a few issues:
The compose file you mention includes a .env file, however you didn't provide the contents of this file. Is it save to assume it is the default file from the developer's repository?
In the volume directive of the compose file, you mention the path as
- "../nginx-proxy-manager/data/logs/:/log/npm/:ro". I'm assuming this should be adjusted relative to the specific location of the NPM folder? In my case, my folder is just called "npm" and is within the~/servicesdirectory on my server, so I modified it to be (relative to the f2b compose file)../npm/data/logs.In your instructions, you mount the NPM files as /data/logs and mount it to /log/npm, but in this blog post, the author specifically mentions "Ensure that you properly bind mount the logs at /data/logs of your NPM reverse proxy into the Fail2ban docker container at /var/log/npm. Otherwise, Fail2ban is not able to inspect your NPM logs!". I've tried both, and both work, so not sure which is the "most" correct.
I followed the above linked blog and (on the second attempt) got the fail2ban container running and detecting my logs, but I do get an error which (I'm assuming) actually blocks any of the ban behavior from taking effect:
f2b | 2023-01-28T16:41:28.094008433Z 2023-01-28 11:41:28,093 fail2ban.actions [1]: ERROR Failed to execute ban jail 'npm-general-forceful-browsing' action 'action-ban-docker-forceful-browsing' info 'ActionInfo({'ip': '75.225.129.88', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7f0d4ec48820>, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7f0d4ec48ee0>})': Error banning 75.225.129.88But what is interesting is that after 10 minutes, it DID un-ban the IP, though I never saw a difference in behavior, banned or otherwise:
f2b | 2023-01-28T16:51:41.122149261Z 2023-01-28 11:51:41,121 fail2ban.actions [1]: NOTICE [npm-general-forceful-browsing] Unban 75.225.129.88I then created a separate instance of the f2b container following your instructions, which also seem to work (at least so far).
Additionally, how did you view the status of the fail2ban jails? What command did you issue, I'm assuming, from within the f2b container itself?
I'm curious to get this working, but may actually try CrowdSec instead, since the developers officially support the integration into NPM.
@kmanwar89 commented on GitHub (Jan 28, 2023):
I followed the guide that @mastan30 posted and observed a successful ban (though 24 hours after 3 tries is a bit long, so I have to figure out how to un-ban myself). Additionally I tried what you said about adding the
filter=npm-dockerto my file injail.d, however I observed this actually did not detect the IP's, so I removed that line.So I have 2 "working" iterations, and need to figure out the best from each and begin to really understand what I'm doing, rather than blindly copying others' logs.
@hugalafutro commented on GitHub (Jan 29, 2023):
@kmanwar89
edit: most of your issues stem from having different paths / container / filter names imho, set it up exactly as I posted as that works to try it out, and then you can start adjusting paths and file locations and container names provided you change them in all relevant places. i.e. if you name your file instead of
npm-docker.localtohaha-hehe-hihi.local, you need to putfilter=haha-hehe-hihiinstead offilter=npm-dockeretc.inside the jail definition file matches the path you mounted the logs inside the f2b container
I do not want to comment on others instructions as the ones I posted are the only ones that ever worked for me.
For reference this is my current config that bans ip on 3 different nginx-proxy-manager installations, I have joined the npm and fail2ban containers into 1 compose now:
directory structuredocker-compose.ymldata_f2b/jail.d/npm-docker.localdata_f2b/filter.d/npm-docker.confcheck current bansexample output@hugalafutro commented on GitHub (Feb 17, 2023):
Apologies if this is offtopic, but if anyone doubts usefulness of adding f2b to npm or whether the method I used is working I'd like to share some statistics from my cloud server with exposed ssh and http(s) ports. Along banning failed attempts for n-p-m I also ban failed ssh log ins. Endlessh is a wonderful little app that sits on the default ssh port and drags out random ssh responses until they time out to waste the script kiddie's time and then f2b bans them for a month. Graphs are from LibreNMS.
I get about twice the amount of bans on my cloud based mailcow mail server, along the bans that mailcow itself facilitates for failed mail logins.
@alneven commented on GitHub (May 8, 2023):
@hugalafutro : just to make it sure, in a totally new setup, npm and fail2ban:
do I need something in this
action.dfolder?a
docker.conffile or something?with definition like
@hugalafutro commented on GitHub (May 8, 2023):
@alneven In both my setups using n-p-m+f2b the directory ended up empty. I'm not really sure what it's for (every tutorial for implementing f2b whether in docker or on the bare metal I followed only talks about making a filter and a jail).
@alneven commented on GitHub (May 8, 2023):
thanks for the prompt feedback, I will ignore it as well
@JS-E commented on GitHub (Sep 15, 2023):
Sorry to bump and old topic but i was considering trying to get this to work- Think it would be great to have another tab on the dashboard that shows you blocked IPs and various stats about fail2ban. Has anyone actually got this working nicely inside the nginx container? I do agree that i think it's better to have it all in one as it's the main entry point to services
@gzxiexl commented on GitHub (Oct 11, 2023):
I hope to merge the functions of Fail2Ban and make a dashboard to display the banned logs.
@JS-E commented on GitHub (Oct 11, 2023):
I love to help out where i can and i love the idea of having a dashboard to monitor what's been blocked and why. Maybe with the option to expose it to something like grafana? Just ideas
@samwathegreat commented on GitHub (Jan 19, 2024):
Add me to the list of people that would be eternally grateful to see fail2ban integration with npm. I use proxmox (LXC containers), so it would be great if this was available using the proxmox script and not just docker.
@captainabloc commented on GitHub (Jan 20, 2024):
it is! just install Fail2ban on your LXC after NPM install
@B0F1B0 commented on GitHub (Apr 20, 2024):
``> Hi all, not running on docker, but on a Proxmox LCX I managed to get a working jail watching the access list rules I setup. In addition, being proxied by cloudflare, added also a custom line in config to get real origin IP.
For me the /etc/fail2ban/filter.d/nginx-access.conf was not working to ban someone. With this nginx-access.conf it works
nano/etc/fail2ban/filter.d/nginx-access.conf@github-actions[bot] commented on GitHub (Oct 24, 2024):
Issue is now considered stale. If you want to keep it open, please comment 👍
@demlak commented on GitHub (Oct 24, 2024):
bad stale-bot! =)
@nollm commented on GitHub (Dec 21, 2024):
In Fail2Ban there are a series of standard filters (nginx-*.conf) for Nginx.
Is such a filter set perhaps already available for the Nginx Proxy Manager?
Or has someone already created such filters and would make them available to the community?
That would be great!
@tinkermesomething commented on GitHub (Apr 22, 2025):
so I mapped the logs folder locally and have been using that to get fail2ban to work, but I don't think it is....
@nmbrg commented on GitHub (Jun 11, 2025):
is there any chance of this (fail2ban) happening?
@github-actions[bot] commented on GitHub (Jan 4, 2026):
Issue is now considered stale. If you want to keep it open, please comment 👍
@Rukkrym commented on GitHub (Jan 6, 2026):
I want :)