Hello,
I want to configure fail2ban also for the web-gui of PBS. I followed the wiki and it worked well for PVE. I used the systemd-variant.
My PBS is installed directly on the PVE hypervisor and whatever I configure, fail2ban is not detecting failed login attempts. Maybe someone else already configure it correctly and want to share the config?
For PVE the following works without issues...
/etc/fail2ban/jail.local:
/etc/fail2ban/filter.d/proxmox.conf:
For PBS I tried...
together with /etc/fail2ban/filter.d/proxmox-backup.conf:
Many thanks.
I want to configure fail2ban also for the web-gui of PBS. I followed the wiki and it worked well for PVE. I used the systemd-variant.
My PBS is installed directly on the PVE hypervisor and whatever I configure, fail2ban is not detecting failed login attempts. Maybe someone else already configure it correctly and want to share the config?
For PVE the following works without issues...
/etc/fail2ban/jail.local:
Code:
[proxmox]
enabled = true
port = https,http,8006
filter = proxmox
backend = systemd
maxretry = 5
findtime = 10m
bantime = 1m
journalmatch = _SYSTEMD_UNIT=pvedaemon.service
/etc/fail2ban/filter.d/proxmox.conf:
Code:
[Definition]
failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.*
ignoreregex =
For PBS I tried...
Code:
[proxmox-backup]
enabled = true
port = https,http,8007
filter = proxmox-backup
backend = systemd
maxretry = 5
findtime = 10m
bantime = 1m
journalmatch = _SYSTEMD_UNIT=proxmox-backup.service
together with /etc/fail2ban/filter.d/proxmox-backup.conf:
Code:
[Definition]
failregex = proxmox-backup\[.*authentication failure; rhost=<HOST> user=.* msg=.*
ignoreregex =
Many thanks.