I have setup fail2ban behind an ELB following this post, everything seems to work and I get this:
root@ip-10-164-24-152:/home/ubuntu# iptables -S -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -N fail2ban-apache-proxy -N fail2ban-ssh -A INPUT -p tcp -m tcp --dport 80 -j fail2ban-apache-proxy -A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh -A fail2ban-apache-proxy -p tcp -m tcp --dport 80 -m string --string "X-Forwarded-For: 86.191.20.43" --algo bm --to 65535 -j DROP -A fail2ban-apache-proxy -j RETURN -A fail2ban-ssh -j RETURN
However, the rule says
DROP
, but I’m still able to browse my site! Why is this? Am I missing another flag for the rule?
Answer
Attribution
Source : Link , Question Author : Abs , Answer Author : Community