| SYSTEM INFORMATION |
|
| OS type and version |
AlmaLinux 9.6 |
| Virtualmin version |
7.30.8 |
I’m trying to configure Fail2ban to additionally send a report to AbuseIPDB for its logging.
I’m following this guide to add the reporting functionality to Fail2Ban but I’m a little lost on the exact series of steps with the dashboard.
So far, I have already added my API key to the config file /etc/fail2ban/action.d/abuseipdb.conf.
But now the next step in the guide is to add the reporting action to fail2ban and that is where I’m having the problem. Should I manually add in the directive per the steps or do I use the “abuseIPDB” action in the edit jail option?
I ran into something similar when setting it up. You’ll need to manually add the abuseipdb action to the jail config under the [your-jail-name] section, like action = %(action_)s, abuseipdb. Using the dashboard alone might not fully apply it. Just make sure your abuseipdb.conf is properly configured and test with fail2ban-client after. Hope that helps.
Can confirm I had to manually add it in. Using the dashboard panel changed the formatting of the command given (removed quotation marks and insert extra commas where it wasn’t applicable). But reverting those and manually inserting it into the config file got the jail and abuseIPDB config to work together.