Fail2Ban option overload

Ron_E_James_D.O · October 29, 2025, 6:08pm

I am on a 7.50.0 that started as a 7.4x. I noticed today that Fail2Ban didn’t have an apache-auth jail (which I do on an other Virtualmin but don’t remember configuring personally, though that does not mean that I didn’t). Either way I did not setup the jails that are there now (dovecot, postfix, postfix-sasl, proftpd, sshd, webmin-auth).

I apologize if this is a question that belongs I a forum dedicated to Fail2Ban, but I noticed the plethora of options for apache stuff under:

Webmin > Networking > Fail2Ban Intrusion Detector > Filter Action Jails

… is there any reason I wouldn’t want all of these enabled?

Thanks.

SYSTEM INFORMATION
OS type and version	Ubuntu 24.04
Virtualmin version	7.50.0

calport · October 29, 2025, 7:01pm

I too observe fail2ban is not starting on some Debian 11 and 12 systems…

Ron_E_James_D.O · October 29, 2025, 7:08pm

To clarify, it did start, it just didn’t have apache-auth enabled by default which I thought was curious for a LAMP (which does have a few others automatically enabled).

Probably normal though.

My real question is “why not enable all of them that have apache in the name” (or anything else I know I’m running)?

calport · October 29, 2025, 8:25pm

Because doing so would require resources (RAM and CPU) which are always scarce and you might want to keep them free for web hosting services.

system · December 28, 2025, 8:26pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.