Enable Fail2ban on Yeastar Central Management

To prevent hackers from trying passwords or pass-phrases to comprise SSH login information of Yeastar Central Management, you can set up a Fail2ban rule to protect SSH.

Procedure

  1. Log in to Yeastar Central Management, go to Security > Fail2ban.
  2. In the Basic section, set up a rule.
    Setting Description
    Banned Duration (min) Define how long to block a malicious IP address.
    Note: To block a malicious IP address permanently, enter -1.
    Max Retry Interval (min) Define time interval in minutes.

    If an IP address reaches Max Retry within the time interval, the IP address will be blocked and recorded on Block IP list.
    Max Retry Define maximum times of retry.

    If an IP address reaches the times within Max Retry Interval (min), the IP address will be blocked and recorded on Block IP list.
  3. Optional: To prevent trusted IP addresses from being blocked, click Add to add one or more IP addresses in Fail2ban Whitelist section.

  4. Click Save.