Anyone here planning a Fail2ban plugin? or at least do we have a guide to enable it on Caddy?
I think it’s important for the security of our servers to be able to use fail2ban. Right now only servers using caddy don’t have fail2ban working on them and we’re not very comfortable with that.
There’s been some discussion about that in other threads:
Fail2ban isn’t designed to work with servers that emit structured logs (such as Caddy’s JSON logs) so you need to configure Caddy to emit common_log access logs for fail2ban to read.
I’d rather see someone write a Caddy plugin for managing iptables rules directly instead of having an external tool, but I don’t think anyone’s done the work to do that yet.