Need help?

Our experts have had an average response time of 13.14 minutes in February 2024 to fix urgent issues.

We will keep your servers stable, secure, and fast at all times for one fixed price.

Setup fail2ban maxretry value

by | Dec 4, 2019

Trying to set a number for failed attempts to block the IP? We can help you with it by changing the Fail2ban maxretry value.

Fail2ban works by getting information from SSH, ProFTP, Apache logs, etc..

At Bobcares, we often get requests from our customers regarding fail2ban as part of Server Management Services.

Today, let’s discuss maxretry in fail2ban and see how our Support Engineers change the maxretry value.

 

Explore more about maxretry

Fail2ban scans log files and ban IPs that sign malicious. It is mainly used to protect servers from brute-force attacks.

The maxretry in fail2ban lets us set the number of failed attempts for the IP address to be blocked in the server.

By default, the value is set to 3. However, we can modify it based on our requirements.

 

How we change Fail2ban maxretry?

Recently one of our customers requested us to change the fail2ban maxentry for SSH connection. Let’s see how our Support Engineers change the maxentry.

Changing Fail2ban maxretry in server

The fail2ban configuration files are present in /etc/fail2ban/ and the ssh filter is present in /etc/fail2ban/filter.d/sshd.conf.

To change the maxretry we open the file jail.local located at

vi /etc/fail2ban/jail.local

The default configuration file is fail2ban.conf. So, we advise our customers to create a separate configuration file jail.conf and manage from it.

Now we locate the ssh host in the file and change the maxretry to 5.

[ssh]
enabled = true
port = 4354
filter = sshd
logpath = /var/log/auth.log
maxretry = 5

After making the changes we save the file.

Finally, we restart the service by running the following command.

service fail2ban restart

 

Changing Fail2ban maxretry in Plesk

From the Plesk panel, we can block the IP address based on the number of failed attempts. Let’s now go through the steps to do the same.

1. First, we log in to Plesk using an administrator account.

2. Next, we go to Tools & Settings and click on IP Address Banning(Fail2Ban). Then we click on the settings tab.

3. We can specify the number in “Number of failures before the IP address is banned

Fail2ban maxretry

4. Finally, we apply the changes.

It will automatically block the IP address after the number of login attempts failed.

 

Possible error for Fail2ban maxretry

Let’s discuss the possible errors for the IP address not banned in fail2ban.

 

IP not blocked in maxretry

This usually occurs when the findtime is incorrect. The findtime will count the number of failed attempts. And the default time is 10 minutes.

So if there are 5 login attempts failure within 10 minutes fail2ban will block the IP. Else the IP will not be blocked. We can make the changes to findtime based on our requirements.

 

Incorrect entry in jail.local

If the configuration is incorrect in the jail.local file. As a result, it will not blacklist the IP. Our Support Engineers always make sure the details in the configuration are right.

 

[Need any assistance in fixing Fail2ban errors? We’ll help you]

 

Conclusion

In short, we have discussed the fail2ban maxretry. We have also discussed how our Support Engineers set maxretry for SSH and the possible error.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Categories

Tags

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF