InsideDarkWeb.com

Fail2ban unbans before restart and then rebans after restart, even though dbfile is set

I am new to running a web server. I have fail2ban version 0.9.3 on Ubuntu 16.04.6 LTS. I am pretty sure I have the latest version of fail2ban and just today updated all packages with apt.

Whenever I restart the box or the fail2ban service, fail2ban takes a long time (~1 minute?) to shut down, and by tailing its log I can see that it is systematically unbanning thousands of IPs in the sshd jail in numerical order. Once the service restarts, it spends tons of time (multiple hours) and CPU re-banning those same IPs in order (it takes a second or two for each one, which to me seems to indicate that it is NOT actually reading from a db but is instead reading log files).

I would like it to never unban them in the first place.

I have looked for other questions about this issue, such as this one, and I checked that dbfile is set. The log states upon restart that the db has been connected to, so that is not the issue. Most of the info I can find about this issue seems to be from before fail2ban made persistent dbfile the default behavior.

This is such a huge waste of CPU and I am getting charged for it. How can I stop this?

Server Fault Asked by Kuhron on November 14, 2021

0 Answers

Add your own answers!

Related Questions

2 versions of libssl on one system

1  Asked on February 18, 2021 by jakub-urbanowicz

   

Azure Virtual Gateway not using Route table

1  Asked on February 17, 2021 by hein-gustavsen

     

SSSD+Samba+SSH GSSAPI authentication issues

1  Asked on February 17, 2021 by eroji

       

How to add permissions to windows user in samba on ubuntu server

2  Asked on February 17, 2021 by matthew-tranmer

     

SSL Test for the server domain (not a web app domain)

0  Asked on February 17, 2021 by mekswoll

   

How to set up QoS on MikroTik RouterOS?

1  Asked on February 16, 2021 by udo-g

     

Soft limit vs Hard limit?

3  Asked on February 16, 2021 by kidcapital

       

RRAS IKEv2 VPN no response

0  Asked on February 16, 2021 by asagohan

       

CentOS 8 Chrony – how to query servers for time difference?

1  Asked on February 14, 2021 by dualsport

   

Ask a Question

Get help from others!

© 2021 InsideDarkWeb.com. All rights reserved.