Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Web-based dashboard for Fail2Ban log filtering and blocklist control

License

Notifications You must be signed in to change notification settings

bitilk/Fail2Ban-Report

Repository files navigation

Fail2Ban-Report

Beta 3.1 | Version 0.3.1

A simple and clean web-based dashboard to turn your daily Fail2Ban logs into searchable and filterable JSON reports β€” with optional IP blocklist management for UFW.

πŸ›‘οΈ Note: This tool is a visualization and management layer β€” it does not replace proper intrusion detection or access control. Deploy it behind IP restrictions or HTTP authentication.

πŸ” Security Notice

Current Status:
Fail2Ban-Report currently manages bans and unbans via UFW as a safe intermediate solution.
It does not yet directly modify Fail2Ban jails or existing fail2ban configurations.

Future Direction:
The goal is to support direct management of Fail2Ban jails in upcoming versions β€” including user-controlled bans and unbans per jail.
To ensure full control and auditability, all manual ban actions are already tracked in a structured blocklist.json, which will later serve as the trusted source for persistent and reviewable ban state.

Please read the Installation Instructions carefully and secure your deployment with the provided .htaccess.

still a little experimental feature : Use the Installer Installer Setup Documentation It would be great if you tell me if the installer worked for your needs.


πŸ“š What It Does

Fail2Ban-Report parses your fail2ban.log and generates JSON-based reports viewable via a web dashboard. It provides optional tools to:

  • Visualize ban and unban events
  • Interact with IPs (e.g., manually block or unblock)
  • Maintain a persistent blocklist.json
  • Sync that list with your system firewall using ufw (support for other firewalls or direct communication with Fail2Ban jails is not yet implemented)

🧱 Architecture overview:

  • Backend Shell Scripts: Parse logs, generate JSON files, and update UFW rules based on blocklist.json
  • Frontend Web Interface: Visualizes data and offers action controls
  • JSON Blocklist: Stores manually blocked IPs marked with active=true

πŸ“¦ Features

  • πŸ” Searchable + filterable log reports (date, jail, IP)
  • πŸ”§ Integrated JSON blocklist for persistent Block-Overview
  • 🧱 Firewall sync using UFW (planned: nftables, firewalld)
  • ⚑ Lightweight setup β€” no DB, no frameworks
  • πŸ” Compatible with hardened environments (no external assets, strict headers)
  • πŸ› οΈ Installer script to automate setup and permissions
  • 🧩 Modular design for easy extension
  • πŸͺ΅ Optional logging of block/unblock actions (set true/false and logpath in firewall-update.sh)
  • πŸ•΅οΈ Optional Feature : IP reputation check via AbuseIPDB (manual lookup from web interface)

🧰 Works even on small setups (Raspberry Pi, etc.)


πŸ‘₯ Discussions

If you want to join the conversation or have questions or ideas, visit the πŸ’¬ Discussions page.


πŸ†• What's New in V 0.3.1

  • Protected access to JSON files
    • Direct access to /archive/*.json is now blocked via .htaccess
    • Frontend scripts no longer request raw .json files directly
  • New secure PHP endpoints
    • includes/get-json.php and includes/get-blocklist.php act as controlled proxies to serve JSON data
    • Only PHP scripts will now expose required JSON content
  • Hardened frontend behavior
    • JavaScript files (jsonreader.js, blocklist-overlay.js) fetch data only via the new PHP proxies
  • New Ministats in Header
    • Shows today's ban/unban statistics in the page header:
    • 🚫 Bans
    • 🟒 Unbans
    • πŸ“Š Total events
    • Adds quick insight into current Fail2Ban activity
  • Mobile-Friendly
    • Site is now more mobile friendly
    • added favicon (πŸ•΅οΈ) to make browsers happy

πŸ§ͺ as promised there is an highly experimental feature for using fail2ban instead of UFW. (⚠️ not recommended)


πŸ“„ Changelog

Details about all new features, improvements, and changed files can be found in the Changelog.

This is especially useful if you want to manually patch or update individual files.


πŸͺ³ Bugfixes

  • βœ… Date filter now correctly limits displayed events
  • βœ… Jail filter now correctly shows only the jails present in the displayed event list.
  • βœ… File date filtering fix to include today's JSON logs and ensure latest files are listed correctly.

πŸ›£οΈ Roadmap

πŸ”§ Setup & Automation

  • βœ… Automated installer script
  • βœ… Optional cron setup for log parsing and firewall sync
  • 🧩 More robust installer
  • ⏳ Secure-by-default deployments

πŸ” Security

  • βœ… Hardened .htaccess with best practices
  • βœ… add security layer between json and js
  • 🧩 moove archive/ out of webdirectory
  • ⏳ Further improvements (ongoing goal)

πŸ”₯ Active Defense

  • βœ… Manual IP blocking via UI in UFW
  • βœ… IP reputation lookup via AbuseIPDB
  • 🧩 Support for nftables, firewalld
  • 🧩 full integration with fail2ban jails for block/unblock actions
  • ⏳ Bulk blocking of multiple IPs
  • ⏳ Optional automatic blocking based on patterns or thresholds
  • ⏳ Integration with external services (e.g. AbuseIPDB reporting)

🌿 User Interface

  • ⏳ Improve CSS and styling

πŸ‘€ Outlook

  • πŸ”­ next major version will focus on security by mooving archive/ out of webdirectory.

πŸ–ΌοΈ Screenshots

Main interface with log overview
Blocklist interface with unblock actions Result after banning an IP Result after "report" an IP


🀝 Contributing

Pull requests, feature ideas and bug reports are very welcome!

  • Found a bug? β†’ Open an issue
  • Want to contribute? β†’ Fork and submit a pull request
  • Have an idea? β†’ Start a discussion or reach out directly : visit the πŸ’¬ Discussions page

πŸ’‘ "Wouldn’t it be cool if it could also do XYZ?"
Absolutely β€” I’m happy to hear your ideas.


πŸ“„ License

This project is licensed under the GPLv3.
Feel free to use, modify and share β€” but please respect the license terms.

About

Web-based dashboard for Fail2Ban log filtering and blocklist control

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • PHP 33.1%
  • Shell 28.6%
  • JavaScript 24.1%
  • CSS 14.2%

AltStyle γ«γ‚ˆγ£γ¦ε€‰ζ›γ•γ‚ŒγŸγƒšγƒΌγ‚Έ (->γ‚ͺγƒͺγ‚ΈγƒŠγƒ«) /