---
title: "Fail2ban"
weight: 1
# bookFlatSection: false
# bookToc: true
# bookHidden: false
# bookCollapseSection: false
# bookComments: false
# bookSearchExclude: false
---

# Fail2ban

## Installation
Installer le paquet `fail2ban`.

## Configuration
```ini
[DEFAULT]
bantime = 1h
bantime.increment = true

ignoreip = 127.0.0.1/8 ::1

banaction = ufw[comment="fail2ban"]
banaction_allports = ufw[type=allports,comment="fail2ban"]

destemail = ...
sender = ...

action = %(action_mwl)s
```

### Services
```ini
[sshd]
enabled = true
mode = aggressive

[postfix]
enabled = true
mode = aggressive

[dovecot]
enabled = true
mode = aggressive

[bitwarden]
enabled = true
logpath = /var/log/vaultwarden.log

[nginx-http-auth]
enabled = true

[nginx-botsearch]
enabled = true

[sieve]
enabled = true

[nextcloud]
enabled = true
logpath = /var/log/nextcloud/nextcloud.log
```

## Démarrage
Activer le service `fail2ban.service`.