ERPNext Foundation ERPNext Cloud User Manual Blog Discuss Frappé* Donate

ERPNext stop responding to a specific ip address because of Fail2Ban


#1

Fail2ban is blocking my ip address and I’m not sure why.

Same thing at work. I’m on ubuntu.

What can be do to prevent nginx-proxy jail to block my ip?
I can whitelist my ip but I dont have a static one so any suggestions?


#2

could be possible to take a look at nginx-proxy.conf?


#3

same thing happens with me


#4

If your connection coming from a fix IP address you can add it to ignoreip in jail.conf

# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
# ban a host which matches an address in this list. Several addresses can be
# defined using space (and/or comma) separator.
ignoreip = 127.0.0.1/8

Furthermore, do you have also SELinux or AppArmor enabled?
First, try to disable it and check if you are banned again.
If problem persists, re-enable SELinux and modify nginx-proxy.conf like this:

[nginx-proxy]
enabled = true
filter = nginx-proxy
logpath = /var/log/nginx/access.log
action = iptables-multiport[name=NoNginxProxy, port="http,https"]
maxretry = 10
bantime  = 60
findtime = 120

Increase maxretry to 10, reduce bantime to 60 seconds, reduce findtime to 120 seconds.
This, of course, must be balanced between the grade of security you want and the block that you receiving.


#5

Run this in terminal

/etc/init.d/fail2ban stop

#6

Thanks for your suggestions.
The access.log seems to show multiple 499 errors and I guess it’s the reason why.