Documentation / Tutorials / Server

Remove ban from IPs banned by Fail2Ban

/ Server / Remove ban from IPs banned by Fail2Ban

Assuming you have secured your server using fail2ban, there comes a time when you may ban an IP wrongly. Here is how you can quickly check if that IP is banned and then un-ban it.

  1. fail2ban-client status | sed -n 's/,//g;s/.*Jail list://p' | xargs -n1 fail2ban-client status

    this command will give you a list of all the IPs banned by fail2ban and the Jail under which it has been banned.  if you the name of the jail you can check it using the following command as well.

    sudo fail2ban-client status wordpress2

    where wordpress2 is the name of the jail, as defined in jail.conf file.

  2. fail2ban-client set wordpress2 unbanip 103.68.18.146

    Once you have verified the IP, if it is banned you can use above command to remove the ban, wordpress2 is the name of the jail, while IP 103.68.18.146 is the IP which is being removed from ban.

If you have static IPs then you can whitelist them so that they do not get banned, it can be done by setting ignoreip in jail.conf or jail.local file. Here is an example of it

ignoreip = = 127.0.0.1/8  31.13.24.0/21 31.13.64.0/19 31.13.64.0/24 31.13.69.0/24 31.13.70.0/24 31.13.71.0/24 31.13.72.0/24 31.13.73.0/24 31.13.75.0/24 31.13.76.0/24 31.13.77.0/24 31.13.78.0/24 31.13.79.0/24 31.13.80.0/24 66.220.144.0/20 66.220.144.0/21 66.220.149.11/16 66.220.152.0/21 66.220.158.11/16 66.220.159.0/24 69.63.176.0/21 69.63.176.0/24 69.63.184.0/21 69.171.224.0/19 69.171.224.0/20 69.171.224.37/16 69.171.229.11/16 69.171.239.0/24 69.171.240.0/20 69.171.242.11/16 69.171.255.0/24 74.119.76.0/22 173.252.64.0/19 173.252.70.0/24 173.252.96.0/19 204.15.20.0/22 66.249.64.0/19 115.96.242.4

You can see how a range of IPs or multiple IPs can be added. Afterwards, remember to restart the fail2ban server using

service fail2ban restart

 

 

Categories
Most Popular

Leave a Reply

Your email address will not be published.