Fail2Ban Banning but not Blocking #2971

Closed
opened 2026-04-06 04:21:02 +02:00 by MrUnknownDE · 0 comments
Owner

Originally created by @abcde57219 on 4/22/2020

Thank you for providing the information on this repository. I set up Fail2Ban shortly after installing BitwardenRS a month or two ago. At that time, Fail2Ban seemed to be working. I checked it this weekend, and although my IP is being banned in the logs, I can still successfully log into BitwardenRS. I have also set up notifications and receive an e-mail that I have been banned when I try to log in 5 times.

I am running BitwardenRS using the bitwardenrs/server:latest docker image and Fail2Ban using crazymax/fail2ban:latest docker image. I am using a Synology NAS with a reverse proxy to access BitwardenRS. A couple of approaches I have tried to fix the issue include:

  • Adding the NAS ports and the reverse proxy port in addition to the BitwardenRS container's ports.
  • Adding /action.d/iptables-allports.local to try to kill any existing connections as I read this could be an issue. I only receive error messages in the log when I try this.
  • Adding chain=FORWARD to the /jail.d/bitwarden.local file. However, I did not think this necessary because I am using a reverse proxy.
  • I have made sure the timezone is the same in all areas.
  • I tried on my cellphone using the cellphone network IP.

Please let me know if you think there is anything else I can try.

Here is from my logs:

```
2020-04-19 01:17:59,883 fail2ban.filter   [1]: INFO    [bitwarden] Found myip - 2020-04-19 01:17:59
2020-04-19 01:18:01,059 fail2ban.filter   [1]: INFO    [bitwarden] Found myip - 2020-04-19 01:18:01
2020-04-19 01:18:01,913 fail2ban.filter   [1]: INFO    [bitwarden] Found myip - 2020-04-19 01:18:01
2020-04-19 01:18:02,694 fail2ban.filter   [1]: INFO    [bitwarden] Found myip - 2020-04-19 01:18:02
2020-04-19 01:18:03,488 fail2ban.filter   [1]: INFO    [bitwarden] Found myip - 2020-04-19 01:18:03
2020-04-19 01:18:03,714 fail2ban.actions  [1]: NOTICE  [bitwarden] Ban myip
2020-04-19 01:18:04,326 fail2ban.filter   [1]: INFO    [bitwarden] Found myip - 2020-04-19 01:18:04
2020-04-19 01:18:05,230 fail2ban.filter   [1]: INFO    [bitwarden] Found myip - 2020-04-19 01:18:05
2020-04-19 01:18:06,091 fail2ban.filter   [1]: INFO    [bitwarden] Found myip - 2020-04-19 01:18:06
2020-04-19 01:18:07,562 fail2ban.filter   [1]: INFO    [bitwarden] Found myip - 2020-04-19 01:18:07
2020-04-19 01:18:09,345 fail2ban.filter   [1]: INFO    [bitwarden] Found myip - 2020-04-19 01:18:09
2020-04-19 01:18:10,933 fail2ban.actions [1]: NOTICE  [bitwarden] myip already banned
```

Here is from my /jail.d/bitwarden.local:

```
[bitwarden]
enabled = true
port = 80,3012
filter = bitwarden
action = iptables-allports[name=Bitwarden]
         sendmail-whois[name=Bitwarden, dest=myemail@email.com]
logpath = /bitwarden/bitwarden.log
maxretry = 5
bantime = 14400
findtime = 14400
```

Here is from my /filter.d/bitwarden.local:

```
[INCLUDES]
before = common.conf

[Definition]
failregex = ^.*Username or password is incorrect\. Try again\. IP: <ADDR>\. Username:.*$
ignoreregex =
```

Here is from my /action.d/iptables-common.local:

```
[Init]
blocktype = DROP
[Init?family=inet6]
blocktype = DROP
```

Here is from my docker-compose.yml:

```
version: '3'
services:
  fail2ban:
    container_name: fail2ban
    restart: always
    image: crazymax/fail2ban:latest
    environment:
    - TZ=Etc/UTC
    - F2B_DB_PURGE_AGE=1d
    - F2B_LOG_TARGET=/data/fail2ban.log
    - F2B_LOG_LEVEL=INFO
    - F2B_IPTABLES_CHAIN=INPUT
    - SSMTP_HOST=smtp.email.com
    - SSMTP_PORT=port
    - SSMTP_HOSTNAME=email
    - SSMTP_USER=myemail@email.com
    - SSMTP_PASSWORD=mypassword
    - SSMTP_TLS=YES
    - SSMTP_STARTTLS=Yes

    volumes:
    - /volume1/docker/fail2ban:/data
    - /volume1/docker/bitwarden:/bitwarden:ro

    network_mode: "bridge"

    privileged: true
    cap_add:
        - NET_ADMIN
        - NET_RAW
```
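
The log excerpt in this report shows `Found` lines for the same address after the `Ban` notice, which is how a ban that is recorded but not enforced appears in `fail2ban.log`. The following is an added example, not part of the original post or of any project's code, that scans a log for that pattern; the function name, the one-second grace period and the sample lines (with placeholder address 203.0.113.7) are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# fail2ban.log layout: "<date> <time>,<ms> fail2ban.<module> [pid]: LEVEL [jail] message"
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),(?P<ms>\d{3})\s+fail2ban\.\w+\s+"
    r"\[\d+\]:\s+\w+\s+\[(?P<jail>[^\]]+)\]\s+(?P<msg>.*)$"
)
EVENT_RE = re.compile(r"^(?P<kind>Found|Ban|Unban)\s+(?P<ip>\S+)")

def find_unenforced_bans(lines, grace_seconds=1.0):
    """Map (jail, ip) to timestamps of Found events logged while that ip was banned.

    Found events within grace_seconds of the Ban are skipped: requests already
    in flight can still be logged just after the rule is inserted.
    """
    banned_at, leaks = {}, {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        ev = EVENT_RE.match(m["msg"]) if m else None
        if not ev:
            continue  # unrelated line, or "<ip> already banned"
        when = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S") + timedelta(milliseconds=int(m["ms"]))
        key = (m["jail"], ev["ip"])
        if ev["kind"] == "Ban":
            banned_at[key] = when
        elif ev["kind"] == "Unban":
            banned_at.pop(key, None)
        elif key in banned_at and (when - banned_at[key]).total_seconds() > grace_seconds:
            leaks.setdefault(key, []).append(when)
    return leaks

# Constructed sample modelled on the excerpt above; 203.0.113.7 is a placeholder address.
SAMPLE_LOG = """\
2020-04-19 01:18:03,488 fail2ban.filter   [1]: INFO    [bitwarden] Found 203.0.113.7 - 2020-04-19 01:18:03
2020-04-19 01:18:03,714 fail2ban.actions  [1]: NOTICE  [bitwarden] Ban 203.0.113.7
2020-04-19 01:18:04,326 fail2ban.filter   [1]: INFO    [bitwarden] Found 203.0.113.7 - 2020-04-19 01:18:04
2020-04-19 01:18:07,562 fail2ban.filter   [1]: INFO    [bitwarden] Found 203.0.113.7 - 2020-04-19 01:18:07
2020-04-19 01:18:09,345 fail2ban.filter   [1]: INFO    [bitwarden] Found 203.0.113.7 - 2020-04-19 01:18:09
2020-04-19 01:18:10,933 fail2ban.actions  [1]: NOTICE  [bitwarden] 203.0.113.7 already banned
2020-04-19 05:18:03,900 fail2ban.actions  [1]: NOTICE  [bitwarden] Unban 203.0.113.7
2020-04-19 05:20:00,100 fail2ban.filter   [1]: INFO    [bitwarden] Found 203.0.113.7 - 2020-04-19 05:20:00
""".splitlines()

if __name__ == "__main__":
    for (jail, ip), hits in find_unenforced_bans(SAMPLE_LOG).items():
        print(f"[{jail}] {ip}: {len(hits)} failed logins logged while banned, first at {hits[0]}")
```

A non-empty result means the ban rule is not on the path the traffic takes. One thing to check with a compose file like the one above is that a container in `bridge` network mode has its own network namespace, so iptables rules inserted from inside it do not touch the host's netfilter tables.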
Reference: github/vaultwarden#2971