Fail2Ban Alternatives

Similar projects and alternatives to Fail2Ban

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better Fail2Ban alternative or higher similarity.

Fail2Ban reviews and mentions

Posts with mentions or reviews of Fail2Ban. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-01-22.
  • Configuring Fail2ban for Traefik Reverse Proxy
    3 projects | reddit.com/r/selfhosted | 22 Jan 2023
    I've played a bit with Traefik as reverse proxy and wanted to implement fail2ban for it, after switching from Nginx Proxy Manager. It finally works and successfully bans threat actors that conduct malicous HTTP requests. As soon as a multitude of HTTP errors are detected by fail2ban in Traefik's JSON access logs, the attacker's IP address is banned. I am using a dockerized fail2ban container and ban locally via iptables as well as optionally on Cloudflare, using Cloudflare's API. A ban notification via Telegram can also be configured.
  • SSHGuard
    3 projects | news.ycombinator.com | 26 Nov 2022
  • About the roadmap...
    2 projects | reddit.com/r/ethereum | 8 Nov 2022
    However I do not merely rely on this trust. I monitor my systems aggressively. I implement additional security measures to mitigate my exposure and liability. There are systems like fail2ban and login-shield that I use as additional layers (and have audited the code - these systems are a lot simpler than Linux - it's unrealistic for anybody to actually fully-audit the Linux kernel).
  • Fail2Ban Release 1.0.1 (2022/09/27)
    2 projects | reddit.com/r/CKsTechNews | 14 Oct 2022
  • How to access Docker containers on home server from public IP?
    6 projects | reddit.com/r/selfhosted | 4 Oct 2022
    You need to setup reverse proxy. nginx-proxy-manager, swag. There are also more options like caddy, haproxy etc... You can also setup a VPN and or a service like authelia, fail2ban, crowdsec to restrict access to your site.
  • Newbie help...docker, portainer, godaddy
    6 projects | reddit.com/r/selfhosted | 14 Sep 2022
    You need to look into reverse proxy. Most common one is nginx-proxy-manager which has a nice GUI. There is also SWAG. Both can been configured to get free SSL certificates. For security: authelia, fail2ban, crowdsec. I also suggest to configure wireguard, wg-easy. If you have any questions, we are here. Welcome and good luck!
  • PSA: Guys, don't expose RDP, there is even public automated tools for bruteforce (at least change port + enable Lock out, ideally Guacamole)
    2 projects | reddit.com/r/homelab | 24 Aug 2022
    This is the fail2ban I'm talking about. https://github.com/fail2ban/fail2ban/wiki It basically add IPs to a list of blocked IPs if the SSH login fails too many times. I later switched to public/private key for ssh auth but I never turned off fail2ban while I had the server running.
  • fail2ban log says "banned" but IP still able to connect
    2 projects | reddit.com/r/selfhosted | 6 May 2022
    # actionflush = -F f2b- [Init] # Option: chain # Notes specifies the iptables chain to which the Fail2Ban rules should be # added # Values: STRING Default: INPUT chain = INPUT # Default name of the chain # name = default # Option: port # Notes.: specifies port to monitor # Values: [ NUM | STRING ] Default: ## port = ssh # Option: protocol # Notes.: internally used by config reader for interpolations. # Values: [ tcp | udp | icmp | all ] Default: tcp # protocol = tcp # Option: blocktype # Note: This is what the action does with rules. This can be any jump target # as per the iptables man page (section 8). Common values are DROP # REJECT, REJECT --reject-with icmp-port-unreachable # Values: STRING blocktype = BLOCK # Option: returntype # Note: This is the default rule on "actionstart". This should be RETURN # in all (blocking) actions, except REJECT in allowing actions.# Values: STRING returntype = RETURN # Option: lockingopt # Notes.: Option was introduced to iptables to prevent multiple instances from # running concurrently and causing irratic behavior. -w was introduced # in iptables 1.4.20, so might be absent on older systems # See https://github.com/fail2ban/fail2ban/issues/1122 # Values: STRING lockingopt = -w # Option: iptables # Notes.: Actual command to be executed, including common to all calls options # Values: STRING iptables = iptables [Init?family=inet6] # Option: blocktype (ipv6) # Note: This is what the action does with rules. This can be any jump target # as per the iptables man page (section 8). Common values are DROP # REJECT, REJECT --reject-with icmp6-port-unreachable # Values: STRING blocktype = REJECT --reject-with icmp6-port-unreachable # Option: iptables (ipv6) # Notes.: Actual command to be executed, including common to all calls options # Values: STRING iptables = ip6tables
  • fail2ban with Cloudflare Proxy
    2 projects | reddit.com/r/selfhosted | 2 Feb 2022
    Use the builtin fail2ban's cloudflare plugin (https://github.com/fail2ban/fail2ban/blob/master/config/action.d/cloudflare.conf)
  • Was my raspberry hacked?
    4 projects | reddit.com/r/linuxadmin | 29 Oct 2021
    If you are worried about hacking attempts, installing fail2ban will help.
  • A note from our sponsor - Sonar
    www.sonarsource.com | 2 Feb 2023
    Sonar helps you commit clean code every time. With over 225 unique rules to find Python bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work. Learn more →

Stats

Basic Fail2Ban repo stats
38
7,849
7.5
2 days ago
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com