ytddewqf Posted August 27, 2020 Share Posted August 27, 2020 (edited) Hi, I have the below Dockers running and everything seems to be going well. I checked in on my Cloudflare dashboard and was surprised/shocked at the amount of attempts to access my site there have been. USA, Germany, Brazil, all sorts, from all places. Now I don't know how many of these are genuine or are some sort of "bot" for backend systems scouring the Internet, however regardless, I want to ensure that I do all that I can to protect my server. I have utilised all of Cloudflares services to help, such as geoIP blocking, but I want to cover all bases. I only have three ports open, 80, 443 and one for my WireGuard VPN. 80 and 443 are running behind NginxProxyManager and there is nothing in my unRAID logs to cause me any concern, at present. I wanted to use Fail2Ban that was incorporated into Linuxserver/Letsencrypt however I have (as of yesterday) made the move over to NginxProxyManager and they do not include it unfortunately. I am still very much the unRAID novice, and have looked around for something to meet my needs however I have come up short. Is there anyone whom could point me in the right direction please? Many thanks. P.S. I'm currently watching the film "Snowden" and I want to unplug my server from the Internet. 🤣 Edited August 27, 2020 by LoneTraveler Quote Link to comment
Angryman Posted August 28, 2020 Share Posted August 28, 2020 Hi there, I don't have a config guide but fail2ban looks at a log and if the log meets the requirements then blocks the IP of the incoming connection for a period of time you set. I have fail2ban working on let's encrypt with bitwarden. What I would suggest is get the login logs of the apps you want to run with fail2ban and have them writing to a share in unraid. once that is done then you need to look at how to install fail2ban on your reverse proxy. I don't know enough about docker and when it gets updated if what you install into it gets removed. Quote Link to comment
ytddewqf Posted August 29, 2020 Author Share Posted August 29, 2020 On 8/28/2020 at 10:51 AM, Angryman said: Hi there, I don't have a config guide but fail2ban looks at a log and if the log meets the requirements then blocks the IP of the incoming connection for a period of time you set. I have fail2ban working on let's encrypt with bitwarden. What I would suggest is get the login logs of the apps you want to run with fail2ban and have them writing to a share in unraid. once that is done then you need to look at how to install fail2ban on your reverse proxy. I don't know enough about docker and when it gets updated if what you install into it gets removed. Hi, Thanks for the suggestion, I hope to be able to go down that route. Just need to find a way to get fail2ban up and running now. 👍 Quote Link to comment
frakman1 Posted January 1, 2021 Share Posted January 1, 2021 How come fail2ban isn't running natively on UnRaid? Is that possible? 1 Quote Link to comment
Aceriz Posted February 23, 2021 Share Posted February 23, 2021 On 8/27/2020 at 12:53 PM, LoneTraveler said: Hi, I have the below Dockers running and everything seems to be going well. I checked in on my Cloudflare dashboard and was surprised/shocked at the amount of attempts to access my site there have been. USA, Germany, Brazil, all sorts, from all places. Now I don't know how many of these are genuine or are some sort of "bot" for backend systems scouring the Internet, however regardless, I want to ensure that I do all that I can to protect my server. I have utilised all of Cloudflares services to help, such as geoIP blocking, but I want to cover all bases. I only have three ports open, 80, 443 and one for my WireGuard VPN. 80 and 443 are running behind NginxProxyManager and there is nothing in my unRAID logs to cause me any concern, at present. I wanted to use Fail2Ban that was incorporated into Linuxserver/Letsencrypt however I have (as of yesterday) made the move over to NginxProxyManager and they do not include it unfortunately. I am still very much the unRAID novice, and have looked around for something to meet my needs however I have come up short. Is there anyone whom could point me in the right direction please? Many thanks. P.S. I'm currently watching the film "Snowden" and I want to unplug my server from the Internet. 🤣 Had you been able to figure out how to get FAIL2BAN working with Nginx Proxy manager.. ? I am considering the move over but didn't want to as I have it working with SWAG... Quote Link to comment
ytddewqf Posted February 23, 2021 Author Share Posted February 23, 2021 11 hours ago, Aceriz said: Had you been able to figure out how to get FAIL2BAN working with Nginx Proxy manager.. ? I am considering the move over but didn't want to as I have it working with SWAG... Hi, Unfortunately not, however I do prefer the simplicity of NPM. If Fail2ban is ever implemented, it would top of an already excellent program. Quote Link to comment
Aceriz Posted February 23, 2021 Share Posted February 23, 2021 6 minutes ago, LoneTraveler said: Hi, Unfortunately not, however I do prefer the simplicity of NPM. If Fail2ban is ever implemented, it would top of an already excellent program. I would second this.. Do you know at all if NPM is setup with GeoIP and how to go about enabling this? Quote Link to comment
ytddewqf Posted February 23, 2021 Author Share Posted February 23, 2021 15 minutes ago, Aceriz said: I would second this.. Do you know at all if NPM is setup with GeoIP and how to go about enabling this? I'm afraid I don't know the answer to that, if it is then I'm not aware of it. Quote Link to comment
Built2Succeed Posted January 13, 2022 Share Posted January 13, 2022 Did you get fail2ban setup? I was able to get fail2ban setup running inside its own container. I have vaultwarden, Nginx Proxy Manager, and fail2ban running with cloudflare. I have argo tunnel (cloudflare tunnel) setup on cloudflare. It took me a week or so to figure out the setup because it's a little tricky. I'd be happy to help anyone who needs help setting up. Quote Link to comment
JohnECB Posted January 23, 2022 Share Posted January 23, 2022 On 1/13/2022 at 4:39 AM, Built2Succeed said: Did you get fail2ban setup? I was able to get fail2ban setup running inside its own container. I have vaultwarden, Nginx Proxy Manager, and fail2ban running with cloudflare. I have argo tunnel (cloudflare tunnel) setup on cloudflare. It took me a week or so to figure out the setup because it's a little tricky. I'd be happy to help anyone who needs help setting up. Hi @Built2Succeed can I take you up on that offer? I already have Ngnix Proxy Manager and Argo tunnels setup. thanks Quote Link to comment
Built2Succeed Posted January 27, 2022 Share Posted January 27, 2022 Sure. it's fairly easy, but there are some snags along the way. what have you done and where are you getting stuck? Quote Link to comment
Sinister Posted August 27, 2023 Share Posted August 27, 2023 On 1/12/2022 at 11:39 PM, Built2Succeed said: Did you get fail2ban setup? I was able to get fail2ban setup running inside its own container. I have vaultwarden, Nginx Proxy Manager, and fail2ban running with cloudflare. I have argo tunnel (cloudflare tunnel) setup on cloudflare. It took me a week or so to figure out the setup because it's a little tricky. I'd be happy to help anyone who needs help setting up. Would you be able to tell me what path i am suppose to put in the screenshot specifically ? 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.