Recent questions tagged fail2ban
Fail2ban scans log files (e.g. /var/log/apache/error_log
) and bans IPs that show the malicious signs – too many password failures, seeking for exploits, etc. Generally Fail2ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. [Source: Fail2ban Wiki]