How to configure Fail2Ban for PBS

Starbase

New Member
Apr 13, 2024
2
1
1
Hello,

I want to configure fail2ban also for the web-gui of PBS. I followed the wiki and it worked well for PVE. I used the systemd-variant.
My PBS is installed directly on the PVE hypervisor and whatever I configure, fail2ban is not detecting failed login attempts. Maybe someone else already configure it correctly and want to share the config?

For PVE the following works without issues...

/etc/fail2ban/jail.local:
Code:
[proxmox]
enabled = true
port = https,http,8006
filter = proxmox
backend = systemd
maxretry = 5
findtime = 10m
bantime = 1m
journalmatch = _SYSTEMD_UNIT=pvedaemon.service

/etc/fail2ban/filter.d/proxmox.conf:
Code:
[Definition]
failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.*
ignoreregex =

For PBS I tried...

Code:
[proxmox-backup]
enabled = true
port = https,http,8007
filter = proxmox-backup
backend = systemd
maxretry = 5
findtime = 10m
bantime = 1m
journalmatch = _SYSTEMD_UNIT=proxmox-backup.service

together with /etc/fail2ban/filter.d/proxmox-backup.conf:
Code:
[Definition]
failregex = proxmox-backup\[.*authentication failure; rhost=<HOST> user=.* msg=.*
ignoreregex =

Many thanks.
 
Hi!
did not try this myself, but:
the name of the binary is "proxmox-backup-api", so maybe try:
failregex = proxmox-backup-api\[.*authentication failure; rhost=<HOST> user=.* msg=.*
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!