mykey/Fail2Ban-Dashboard---NPM
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial release: F2B Control Center v1.0

Browse Source 
Fail2Ban + Nginx Proxy Manager dashboard in a single Docker container.

Features:
- Auto-ban via badbot, http-errors, npm-probe, manual-bans, recidive jails
- Web dashboard: live ban grid, log scanner, per-IP access log viewer
- iptables-nft banning (DOCKER-USER + INPUT chains)
- Optional Cloudflare WAF banning
- Optional AbuseIPDB threat scoring
- Two-tier IP management: whitelist (trusted) vs exempt (reviewed)
- Auto log-file detection via logwatch (no restart needed for new NPM hosts)
This commit is contained in:
gitea
2026-02-20 18:59:56 +00:00
commit c104e27506
24 changed files with 3333 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
fail2ban/action.d/docker-npm.conf Normal file
View File

@@ -0,0 +1,15 @@
[Definition]
# Three rules per ban:
# 1. DOCKER-USER source: blocks direct connections from the banned IP to any container
# 2. DOCKER-USER xt_string: blocks CDN-proxied requests where real IP is in X-Forwarded-For
# (requires xt_string kernel module on the host: modprobe xt_string)
# 3. INPUT: blocks direct connections to host services
actionban = iptables-nft -I DOCKER-USER -s <ip> -j DROP
iptables-nft -I DOCKER-USER -m string --algo bm --string 'X-Forwarded-For: <ip>' -j DROP 2>/dev/null || true
iptables-nft -A INPUT -s <ip> -j DROP
actionunban = iptables-nft -D DOCKER-USER -s <ip> -j DROP || true
iptables-nft -D DOCKER-USER -m string --algo bm --string 'X-Forwarded-For: <ip>' -j DROP 2>/dev/null || true
iptables-nft -D INPUT -s <ip> -j DROP || true