Fail2Ban + Docker Compose

I currently have a stack with which I am trying to implement a local installation of fail2ban [Vaultwarden w/MariaDB + Caddy (all 3 Docker Compose)]. I am having trouble figuring out the jail.d configuration, and whether or not I should replace

banaction = %(banaction_allports)s

with something else, since my instance is running behind the Caddy proxy.
Per the wiki:

NOTE:
Do not use this if you use a reverse proxy before Docker container. If proxy, like apache2 or nginx is used, use the ports of the proxy and do not use chain=FORWARD, only when using Docker without proxy!

NOTE on the NOTE above:
That's at least not true for running on Docker (CentOS 7) with caddy as reverse proxy. chain=FORWARD is absolutely fine and working with caddy as reverse proxy.

Anyone know if I should be doing something different other than the below due to the NOTE on the NOTE?

action = iptables-allports[name=vaultwarden, chain=FORWARD]

Any help is appreciated.
Thanks

Hey,

I am running a similar setup. The only difference is that I use a non-Docker Apache as a reverse proxy. For me the following works like a charm:

action = iptables-allports[name=bitwarden, chain=FORWARD]
         %(action_mw)s[from=*redacted*, destination=*redacted*, sendername=Fail2Ban]
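An added example, not part of the thread or of fail2ban itself: a small check that reads `iptables -S` output and reports which chain the jail's ban chain is hooked into and which sources it currently blocks, so the effect of `chain=FORWARD` can be verified rather than guessed. It assumes the stock iptables action naming (`f2b-<name>`) and the jail name `vaultwarden` from the question; the rule listing is constructed sample data.

```python
# Constructed sample of `iptables -S` output (not taken from the thread).
SAMPLE_RULES = """\
-P INPUT ACCEPT
-P FORWARD DROP
-P OUTPUT ACCEPT
-N DOCKER
-N DOCKER-USER
-N f2b-vaultwarden
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -p tcp -j f2b-vaultwarden
-A FORWARD -j DOCKER-USER
-A FORWARD -o docker0 -j DOCKER
-A DOCKER-USER -j RETURN
-A f2b-vaultwarden -s 203.0.113.7/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-vaultwarden -s 198.51.100.23/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-vaultwarden -j RETURN
"""

def audit_jail(rules_text, jail):
    """Return (chains that jump to f2b-<jail>, banned sources in f2b-<jail>)."""
    f2b_chain = "f2b-" + jail  # assumption: default fail2ban chain naming
    hooked, banned = [], []
    for line in rules_text.splitlines():
        tokens = line.split()
        if len(tokens) < 2 or tokens[0] != "-A":
            continue  # skip policies (-P) and chain declarations (-N)
        chain = tokens[1]
        target = None
        if "-j" in tokens[:-1]:
            target = tokens[tokens.index("-j") + 1]
        if chain == f2b_chain:
            if "-s" in tokens[:-1] and target in ("REJECT", "DROP"):
                banned.append(tokens[tokens.index("-s") + 1])
        elif target == f2b_chain:
            hooked.append(chain)
    return hooked, banned

def check(rules_text, jail, expected_chain):
    """Compare where the jail is hooked with the chain set in the jail config."""
    hooked, banned = audit_jail(rules_text, jail)
    if not hooked:
        return "no jump to f2b-%s found in any chain" % jail
    if expected_chain not in hooked:
        return "f2b-%s is hooked into %s, not %s" % (jail, ", ".join(hooked), expected_chain)
    return "ok: f2b-%s hooked into %s, %d source(s) banned" % (jail, expected_chain, len(banned))

if __name__ == "__main__":
    print(check(SAMPLE_RULES, "vaultwarden", "FORWARD"))
```

On a live host, pass the text of `iptables -S` (run as root) in place of `SAMPLE_RULES`, after triggering a test ban from a second address.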