When you turn on the Cloudflare proxy for your website, if it is scanned or attacked, fail2ban will block the CDN node IP by default. Now we combine Fail2ban and cloudflare to intercept the attacker’s IP in Cloudflare 1. Set up your Cloudflare API information It should be noted that we have to fill in the global Token Click the Test Connection button , the setting is correct, it will prompt the connection is successful 2. Create website protection If you need to protect multiple URIs, please fill in one per line 3. Test the interception effect We continuously access our protected uri in the browser or terminal. When the number of visits reaches the blocking threshold, the malicious IP will be blocked by Cloudflare.

aaPanel_Jose thanks, very useful feature.

aaPanel_Jose Hi I'm receiving this error. whenever i click the test connection. Sorry, something went wrong： Traceback (most recent call last): File "class/flask_sockets.py", line 30, in __call__ handler, values = adapter.match() File "/www/server/panel/pyenv/lib/python3.7/site-packages/werkzeug/routing.py", line 1945, in match raise NotFound() werkzeug.exceptions.NotFound: 404 Not Found: The requested URL was not found on the server. If you entered the URL manually please check your spelling and try again. During handling of the above exception, another exception occurred: Traceback (most recent call last): File "class/panelPlugin.py", line 1981, in a return eval(execStr) File "", line 1, in File "plugin/fail2ban/fail2ban_main.py", line 490, in test_cdn_auth_info cdn_module = self.load_cdn_module(values['cdn_provide']) File "plugin/fail2ban/fail2ban_main.py", line 483, in load_cdn_module cdn_module = __import__('{}'.format(cdn_provide)) ModuleNotFoundError: No module named 'cloudflare' if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); }

swsemnto please check if this file exists /www/server/panel/plugin/fail2ban/cdn/cloudflare.py if exists try to restart the panel if no exists please try to reinstall fail2ban

aaPanel_Jose cloudflare.py doesn't exist i tried reinstall fail2ban. uninstall fail2ban restart panel then install fail2ban. same error

swsemnto please show me the installation log cat /tmp/panelShell.pl

aaPanel_Jose Im so sorry for late reply, should i include everything? thanks `Please do not forget to update your configuration files. They are in "/etc/fail2ban/". You can also install systemd service-unit file from "build/fail2ban.service" resp. corresponding init script from "files/*-initd". {"product": "Linux panel", "setup_path": "/www/server", "openlitespeed_path": "/usr/local", "language": "English", "title": "aaPanel Linux panel", "brand": "aaPanel", "root_path": "/www", "template": "default", "logs_path": "/www/wwwlogs", "home": " https://console.aapanel.com ", "recycle_bin": true} --2021-05-15 06:41:01-- http://128.1.164.196/install/plugin/fail2ban_en/fail2ban_main.py Connecting to 128.1.164.196:80... connected. HTTP request sent, awaiting response... 200 OK Length: 39277 (38K) [application/octet-stream] Saving to: ‘/www/server/panel/plugin/fail2ban/fail2ban_main.py’ 0K .......... .......... .......... ........ 100% 130K=0.3s if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } 2021-05-15 06:41:02 (130 KB/s) - ‘/www/server/panel/plugin/fail2ban/fail2ban_main.py’ saved [39277/39277] --2021-05-15 06:41:02-- http://128.1.164.196/install/plugin/fail2ban_en/index.html Connecting to 128.1.164.196:80... connected. HTTP request sent, awaiting response... 200 OK Length: 57553 (56K) [text/html] Saving to: ‘/www/server/panel/plugin/fail2ban/index.html’ 0K .......... .......... .......... .......... .......... 88% 171K 0s 50K ...... 100% 42.7K=0.4s if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } 2021-05-15 06:41:03 (128 KB/s) - ‘/www/server/panel/plugin/fail2ban/index.html’ saved [57553/57553] --2021-05-15 06:41:03-- http://128.1.164.196/install/plugin/fail2ban_en/info.json Connecting to 128.1.164.196:80... connected. HTTP request sent, awaiting response... 200 OK Length: 333 [application/json] Saving to: ‘/www/server/panel/plugin/fail2ban/info.json’ 0K 100% 44.2M=0s if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } 2021-05-15 06:41:03 (44.2 MB/s) - ‘/www/server/panel/plugin/fail2ban/info.json’ saved [333/333] --2021-05-15 06:41:03-- http://128.1.164.196/install/plugin/fail2ban_en/icon.png Connecting to 128.1.164.196:80... connected. HTTP request sent, awaiting response... 200 OK Length: 4839 (4.7K) [image/png] Saving to: ‘/www/server/panel/plugin/fail2ban/icon.png’ 0K .... 100% 261M=0s if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } 2021-05-15 06:41:03 (261 MB/s) - ‘/www/server/panel/plugin/fail2ban/icon.png’ saved [4839/4839] --2021-05-15 06:41:03-- http://128.1.164.196/install/plugin/fail2ban_en/jail.local Connecting to 128.1.164.196:80... connected. HTTP request sent, awaiting response... 200 OK Length: 491 [application/octet-stream] Saving to: ‘/etc/fail2ban/jail.local’ 0K 100% 47.5M=0s if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } 2021-05-15 06:41:04 (47.5 MB/s) - ‘/etc/fail2ban/jail.local’ saved [491/491] --2021-05-15 06:41:04-- http://128.1.164.196/install/plugin/fail2ban_en/fail2ban.service Connecting to 128.1.164.196:80... connected. HTTP request sent, awaiting response... 200 OK Length: 693 [application/octet-stream] Saving to: ‘/lib/systemd/system/fail2ban.service’ 0K 100% 74.2M=0s if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } 2021-05-15 06:41:04 (74.2 MB/s) - ‘/lib/systemd/system/fail2ban.service’ saved [693/693] *.info;mail.none;authpriv.none;cron.none /var/log/messages`

I have the same error Sorry, something went wrong： Traceback (most recent call last): File "class/flask_sockets.py", line 30, in call handler, values = adapter.match() File "/www/server/panel/pyenv/lib/python3.7/site-packages/werkzeug/routing.py", line 1945, in match raise NotFound() werkzeug.exceptions.NotFound: 404 Not Found: The requested URL was not found on the server. If you entered the URL manually please check your spelling and try again. During handling of the above exception, another exception occurred: Traceback (most recent call last): File "class/panelPlugin.py", line 1981, in a return eval(execStr) File "", line 1, in File "plugin/fail2ban/fail2ban_main.py", line 619, in set_anti return self.set_scan_anti(values) File "plugin/fail2ban/fail2ban_main.py", line 431, in set_scan_anti result = self.active_cdn(values) File "plugin/fail2ban/fail2ban_main.py", line 517, in active_cdn return cf.main(values) File "/www/server/panel/plugin/fail2ban/cdn/cloudflare.py", line 158, in main self.set_webserver_log(data) File "/www/server/panel/plugin/fail2ban/cdn/cloudflare.py", line 79, in set_webserver_log self.set_apache_log() TypeError: set_apache_log() missing 1 required positional argument: 'data'

angelitoflow @swsemnto Please reinstall fail2ban again

aaPanel_Jose Perfect! Its possible with fail2ban to set some specific whitelisted dirs such as white IP?

How to Integrate fail2ban with CloudFlare

aaPanel_Jose

KrzysztofMaciejewski
It seems that there is no problem, can you provide me with the login information of the panel?

KrzysztofMaciejewski

aaPanel_Jose yes

already send you an email

Thanks

KrzysztofMaciejewski

aaPanel_Jose Jose did you see my mail ?

aaPanel_Jose

KrzysztofMaciejewski
problem has been solved

This is because your OLS does not have write permission in the /www/wwwlogs directory, and the newly installed OLS will not have this problem

I set the permission for your directory /www/wwwlogs to 777 and the problem is solved

The correct way is to change the nobody user to www user in the OLS configuration file
/usr/local/lsws/conf/httpd_config.conf

KrzysztofMaciejewski

aaPanel_Jose thanks for you support!!

i found small bug - every time i run "Fix panel" button /www/wwwlogs folder lose 777 permissions and logs cant be created

aaPanel_thisyear

KrzysztofMaciejewski Hello, repair panel, key directory permissions will be detected automatically. Key directory default permissions are restored.

This design is for safety.

In addition, it is not recommended to set 777 permissions on the directory, which means that everyone can have read-write execution permissions. This increases the risk of the server being invaded.

If you have to set 777 permissions to the / www / wwwlogs directory, you can execute the following command settings on the server command line

chmod 777 /www/wwwlogs

KrzysztofMaciejewski

and one question

which log format do we need to properly works this module:

default:

logFormat "%v %h %l %u %t "%r" %>s %b"

or enhanced:

logFormat '%{X-Forwarded-For}i %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"'

aaPanel_thisyear

KrzysztofMaciejewski Hello, log format, generally do not need to manually set, with the default. About which log format can work normally, this needs testing to know.

KrzysztofMaciejewski

ok thanks

thanks guys for support!

Free

Hello when I try to integrate cloudflare with fail2ban I get a failed connection that needs to be set in cloudflare to api tokens maybe I didn't set something right.

aapanel_power

Free Hello, Fail2ban this plugin does not seem to be smart for CDN sites, he will block the IP of the CDN, so please do not use Fail2ban to protect your site if your site uses a CDN

Free

aapanel_power Thanks a lot for the answer.

Yamiraan

aapanel_power what if i use CDN Provide section in fail2ban, and add my email and global token, also cloudflare IPs are in whitelist, so you still not suggest to use fail2ban with cloudflare?

aapanel_power

Yamiraan CF whitelist is not fixed, so your feedback this is not realistic, I still do not recommend the use of CDN in the case of Fail2ban this plug-in

aapanel_user

aapanel_power This thread is about integrating cf and fail2ban, but you don't recommend using this instruction? So why did you add it?

Yamiraan

aapanel_power ok thanks for your reply, at the moment im using fail2ban for server level, not for website level, please fix fail2ban + CF in priority, Thanks

aapanel_user

aaPanel_Jose Fix this regex in anti-CC config. If http2 is enabled rule does not work.
[Definition] failregex = (,)?<HOST> .*- .*HTTP/1.* .* .*$ ignoreregex =

« Previous Page