In a fail2ban alert email, attempts against apache-auth, does that mean attempts against either UCP or FPBX GUI?
The IP 10.123.194.20 has just been banned by Fail2Ban after
6 attempts against apache-auth on freepbx-a.
Neither. That means apache itself such as HTTP or HTTPS Provisioning with authentication.
1 Like
Thanks.
Are these failed provisioning attempts logged anywhere?
I am getting a fail2ban alert email every once in a while for one of my Yealink phones, although I have HTTP(s) Authentication set to none in sysadmin.
Why could I be getting those emails then?
I was having the same issue with the latest build of UCP. Rolled it back and the authentication issues went away. The log showed 3 failed sip registrations although the phone would register anyhow. Even though the IP addresses were white-listed in Fail2Ban, I would get an email saying that the IP address was banned and the IP would show up in Fail2Ban as banned. Everything seemed to work OK despite of this.
Note that I was only getting these alerts for phones that use the Login/Logout rest app. The extensions that do not “roam” were not affected.
Has there been any resolution to this? My Sangoma phones are triggering this on my PBXact 60 for some reason and I don’t know why?
I am getting this when somebody presses the contacts rest app button.
I think this is a bug.