Apache Auth

Running a FPBX 17 server with the firewall turned on and responsive firewall turned off

I am getting numerous emails from the server about fail2ban blocking ip address against attempts to Apache-Auth

As the server firewall has a very limited whitelist of addresses - I am confused as to why attackers would be able to hit Apache and thus get banned

Any ideas what I might have configured incorrectly and how to fix this ?

I think the ‘distro FreePBX firewall’ is only concerned with SIP, not http nor https, (Hopefully I am wrong :wink: )

No, Apache is concerned too.
If you are trying to login on the GUI with a wrong password, you will get a log on apache and so, you could be banned as well.

You need to check if the IP of the server is in the Internet Zone (It shoud be by default).
Next, need to check if the network is not declared on a trusted zone for example; 192.168.0.0/24.

Also, check the service Web Management is on Local, and not on Internet. And why not UCP , HTTP Provisioning, HTTPS Provisioning, REST APPS too.

Thanks for the reply

Looks like switching the zones from Internet to Local might have resolved the problem

Appreciate it

Just set it up the interface like this.

image

I know sometimes the zone is not correct when installing a system.

Regarding the other TAB. You can select zones like this;

image

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.