From fee78da96f29bb8811a8d4d2b9d9ad976ff45b6b Mon Sep 17 00:00:00 2001 From: tsanga13 <95390502+tsanga13@users.noreply.github.com> Date: Mon, 4 Aug 2025 00:29:07 -0500 Subject: [PATCH] Updated Fail2Ban Setup (markdown) --- Fail2Ban-Setup.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Fail2Ban-Setup.md b/Fail2Ban-Setup.md index f5c2e8d..07c707d 100644 --- a/Fail2Ban-Setup.md +++ b/Fail2Ban-Setup.md @@ -130,7 +130,7 @@ ignoreregex = `fail2ban.filter [5291]: ERROR No 'host' group in '^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$'` Please Use `` instead of `` in `vaultwarden.local` -**Tip:** Cloudflare users, make sure you set your Client IP header to `CF-Connecting-IP` in admin panel -> advanced settings -> Client IP header, else the clients real IP will not be logged/banned. Not necessary if you're using a proxy that's set up to configure which headers to use to determine the client's IP address; otherwise logging the Docker network address when CF-Connecting-IP doesn't exist. +**Tip:** Cloudflare users, make sure you set your Client IP header to `CF-Connecting-IP` in admin panel -> advanced settings -> Client IP header, else the clients real IP will not be logged/banned. Not necessary if you're using a proxy that's set up to configure which headers to use to determine the client's IP address; otherwise logging the Docker network address when `CF-Connecting-IP` doesn't exist. **Tip:** If you see 127.0.0.1 as the IP address of failed logins in vaultwarden.log, then you're probably using a reverse proxy and fail2ban won't work correctly: