I suggest you ...

Fail2ban setting findtime per Jail

In Fail2ban (great idea to include it in plesk!) settings you can set "Time interval for detection of subsequent attacks" (findtime) in general. But it would be interesting this setting per Jail.
Why?
you could have 2 jail with same filter but different findtime. Example:
Jail 1) 5 failures in 600 seconds: 1800 seconds ban
Jail 2) 30 failures in 86400 seconds: 604800 seconds ban

There are bots that detect if you have some protection fail2ban or similar and it will adapt, login attempt every 300 seconds for example. Jail 1 no detect this attack, but Jail 2 yes.

45 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Rubén shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    7 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...

      Feedback and Knowledge Base