My YunoHost server: 188.8.131.52 under Debian 11.6, Hosted VPS Server (KVM, 2core,8GB RAM)
Problem: my own IP is always banned within minutes
since two days, my yunohost Server is banning my IP very few minutes.
with: fail2ban-client status yunohost I can see my own IP from my provider and can unban the IP again.
I can’t see anything about this in the yunohost logs.
fail2ban log only shows: 2023-01-14 13:14:46,607 fail2ban.filter : INFO [yunohost] Found %my IP% - 2023-01-14 13:14:46
ssh connecion is always working (I don’t use std. Port22 and use a SSH authentication key).
Only my browser (windows Client) has a open connection to the Yunohost webinterface. Tested with two diffrent browser). I also cal see that only the browser has a connection to the IP of my externla yunohost Server.
Diagnostic only shows me the information about a lot of failed logins…“Recently there has been a suspiciously high number of authentication errors…”
But how to find out why my I is banned? I looks arrond a bit in /vag/log, but I’m not very familiar with linux. Is there a more detaild log about this?
yes, my IP was banned in yunohost and also in recidive, but not for sshd.
But now I closed the putty ssh session and can’t login anymore again. So looks like I’m also banned here now…
Have to wait for tomorrow to continue. I think it more a Client device Problem. Have uninstalled now everything. I will seach again tomorrow.
ok thanks I will try.
This would also explain my other question. I was already wondering why I’m suddenly in the “testing” release Version. I somehow didn’t put that in context since I had already seen the “testing” before this banning problem.