Enable Fail2ban on Yeastar Central Management

To prevent hackers from trying passwords or pass-phrases to comprise SSH login information of Yeastar Central Management, you can set up a Fail2ban rule to protect SSH.

Procedure

  1. Log in to Yeastar Central Management, go to Security > Fail2ban.
  2. In the Basic section, set up a rule.
    Setting Description
    Banned Duration (min) Specify how long (in minutes) a malicious IP address will be blocked.
    Note: To block a malicious IP address permanently, enter -1.
    Max Retry Interval (min) Specify the time interval (in minutes) during which failed attempts from the same IP address are counted against the Max Retry limit.

    If the limit is reached, the IP address will be blocked and added to the Blocked IP list.
    Max Retry Specify the maximum number of failed attempts allowed within the Max Retry Interval.

    If the limit is reached, the IP address will be blocked and added to the Blocked IP list.
  3. Optional: To prevent trusted IP addresses from being blocked, click Add to add one or more IP addresses in Fail2ban Whitelist section.

  4. Click Save.