arrow
Características
Features
Característiques
Ventajas Advantages Avantatges Funcionalidades Functionalities Funcionalitats Infraestructura Infrastructure Infraestructura API API API Imágenes Images Imatges
arrow
Nosotros
About us
Nosaltres
Más sobre Clouding More about Clouding Més sobre Clouding Contacto Contact Contacte Blog Blog Blog
arrow
Soporte
Support
Suport
Soporte Clouding.io Clouding.io Support Suport Clouding.io Cloud Pros Cloud Pros Cloud Pros Base de conocimiento Knowledge Base Base de coneixement
Contacto Contact Contacte FAQ FAQ FAQ Iniciar Sesión Login Iniciar Sessió
language icon Catalán Catalan Català language icon Español Spanish Espanyol language icon Inglés English Anglès
arrow
Características
Features
Característiques
Ventajas Advantages Avantatges Funcionalidades Functionalities Funcionalitats Infraestructura Infrastructure Infraestructura API API API Imágenes Images Imatges
arrow
Nosotros
About us
Nosaltres
Más sobre Clouding More about Clouding Més sobre Clouding Contacto Contact Contacte Blog Blog Blog
arrow
Soporte
Support
Suport
Soporte Clouding.io Clouding.io Support Suport Clouding.io Cloud Pros Cloud Pros Cloud Pros Base de conocimiento Knowledge Base Base de coneixement
Contacto Contact Contacte FAQ FAQ FAQ Iniciar Sesión Login Iniciar Sessió
language icon Catalán Catalan Català language icon Español Spanish Espanyol language icon Inglés English Anglès

Articles in this section

See more
banner banner banner

How to Unban IP Addresses in Fail2Ban

Alex Marquez
  • Updated

Fail2Ban is an application written in Python for blocking intruders on Linux systems. It works by penalizing or blocking remote connections from IP addresses involved in failed login attempts or brute-force attacks through the configuration of jails.

In many pre-installed images, it is installed and configured by default. It is important to keep this in mind for potential connection issues due to failed attempts. For example, control panels like Plesk usually include it with jails for mail services, among others, and you can manage the blocks directly from the panel.

This article is a brief summary of the options Fail2Ban provides for unblocking IPs from the operating system itself. Therefore, you can do it from the emergency console if you do not have SSH access because your IP address is blocked.

Unblocking a banned IP from all jails

To unblock an IP address from all jails, simply run:

# fail2ban-client unban [IP_address]

Replace [IP_address] with the IP you want to unblock. You can check your IP on IP Location.

Unblocking a banned IP from a specific jail

To unban an IP from a specific jail, use:

# fail2ban-client set sshd unbanip [IP_address]

Replace [IP_address] with the IP address and "sshd" with the jail you want to unblock. You can check your IP on IP Location.

Other Options and Additional Information

List Available Options and Commands

To learn more about the options and commands in Fail2Ban, you can run:

# fail2ban-client --help

You can also read the manual by running:

# man fail2ban

Add an IP Address to the Whitelist

An IP address can be ignored by Fail2Ban (whitelisted). You can configure this in the jail file or use the client. To add an IP to the whitelist, execute the following command:

# fail2ban-client set [jail] addignoreip [IP_address]

Replace [jail] with the corresponding jail name and [IP_address] with the specific IP address.

Remove an IP Address from the Whitelist

To remove an IP address from the whitelist, use the following syntax:

# fail2ban-client set [jail] delignoreip [IP_address]

Replace [jail] with the corresponding jail name and [IP_address] with the specific IP address.

Check Whitelisted IP Addresses

To view ignored (whitelisted) IP addresses, run:

# fail2ban-client get [jail] ignoreip

Replace [jail] with the jail you want to check.

Ban an IP Address in a Jail

To manually ban an IP address in a specific jail, execute:

# fail2ban-client set sshd banip [IP_address]

Replace [IP_address] with the IP address and "sshd" with the jail you want to block.

Unblocking All Banned IP Addresses from All Jails

To unban all IP addresses from all jails in Fail2Ban, simply run:

# fail2ban-client unban --all

This will display a result with a number, which indicates the number of IP addresses that have been unbanned.

List Configured Jails

To list all active jails in Fail2Ban, you can run the following command:

# fail2ban-client status

It will show the total number of jails and a list with the name of each one. For example, in Plesk, you should see the following:

Status
|- Number of jail: 11
`- Jail list: plesk-apache, plesk-apache-badbot, plesk-dovecot, plesk-modsecurity, plesk-panel, plesk-postfix, plesk-proftpd, plesk-roundcube, plesk-wordpress, recidive, ssh

List Banned IP Addresses in a Jail

To check the blocked IP addresses in a specific jail, run:

# fail2ban-client status sshd

Replace "sshd" with the jail you want to check. You should get a result similar to the following:

Status for the jail: sshd
|- Filter
| |- Currently failed: 3
| |- Total failed: 31
| `- File list: /var/log/auth.log
`- Actions
|- Currently banned: 3
|- Total banned: 8
`- Banned IP list: 205.251.242.103 54.239.28.85 176.32.103.205

Check the Status of the Fail2Ban Service

To check the status of the Fail2Ban service, you can run:

# systemctl status fail2ban.service

Check Fail2Ban Logs

You can check the service logs at the following path:

/var/log/fail2ban.log

We hope this tutorial was helpful 🙂. Remember, if you have any questions about this or anything else related to your servers on Clouding, feel free to reach out to soporte@clouding.io.

We're here to assist you with anything you need!

banner banner banner

Related articles