From 53d55424023eb978eb11640a3a1c3044c80c6419 Mon Sep 17 00:00:00 2001 From: anoma Date: Thu, 2 Jul 2015 10:08:50 +0100 Subject: [PATCH] Revert to default 600 second ban time A 60 second/1 minute ban time is not long enough to counter brute force attacks which is the main purpose of fail2ban for mail in a box. The default bantime of 10 minutes is still sane and I think we have proven fail2ban is reliable enough not to cause problems in general. It is not worth sacrificing security for the rare case where an admin locks themselves out for 10 minutes. --- conf/fail2ban/jail.local | 3 --- 1 file changed, 3 deletions(-) diff --git a/conf/fail2ban/jail.local b/conf/fail2ban/jail.local index 276ab97b..cb80ef23 100644 --- a/conf/fail2ban/jail.local +++ b/conf/fail2ban/jail.local @@ -2,9 +2,6 @@ # For Mail-in-a-Box [DEFAULT] -# bantime in seconds -bantime = 60 - # This should ban dumb brute-force attacks, not oblivious users. findtime = 30 maxretry = 20