You’d rarely have to do anything about maintaining a healthy state of a Citrus Stack server. It is self healing, and secure from brute force attacks.
However, when you share access with developers, a frequent problem is that the server would automatically ban them.
This happens for a few reasons:
- Repetitive failed attempts to login to your website’s backend
- Use of SSH agent program on developer’s machine, which tries to login multiple times using different SSH keys (counts as failed login attempt)
Multiple attempts to login, and multiple records of this bad behaviour, will yield a nearly permanent ban in server’s firewall (recidive filter).
So in general, you may want to whitelist known trusted IPs from being automatically banned.
Steps to whitelist an IP from auto-banning
Connect to SSH using sudo user, which is by default centos (check your Server Guide for credentials).
Once connected, run:
sudo nano /etc/fail2ban/jail.local
Locate the line that reads ignoreip = 127.0.0.1/8 ...
Edit that line by prepending a whitespace and the IP you want to whitelist right after. The final line should look like this:
ignoreip = 127.0.0.1/8 1.2.3.4
Where 1.2.3.4 is the IP address that you want to whitelist.
Now, to apply the change, run:
sudo systemctl restart fail2ban
If the IP was already banned, the above command will unban it. And it will also make sure to not ban it again, should the IP make failed login attempts repeatedly.
Want things to be even more secure and have these changes done by professional support? Subscribe for Linux server management by GetPageSpeed.