Beta 3.1 | Version 0.3.1
A simple and clean web-based dashboard to turn your daily Fail2Ban logs into searchable and filterable JSON reports β with optional IP blocklist management for UFW.
π‘οΈ Note: This tool is a visualization and management layer β it does not replace proper intrusion detection or access control. Deploy it behind IP restrictions or HTTP authentication.
π Security Notice
Current Status:
Fail2Ban-Report currently manages bans and unbans via UFW as a safe intermediate solution.
It does not yet directly modify Fail2Ban jails or existing fail2ban configurations.
Future Direction:
The goal is to support direct management of Fail2Ban jails in upcoming versions β including user-controlled bans and unbans per jail.
To ensure full control and auditability, all manual ban actions are already tracked in a structuredblocklist.json, which will later serve as the trusted source for persistent and reviewable ban state.
Please read the Installation Instructions carefully and secure your deployment with the provided .htaccess.
still a little experimental feature : Use the Installer Installer Setup Documentation It would be great if you tell me if the installer worked for your needs.
Fail2Ban-Report parses your fail2ban.log and generates JSON-based reports viewable via a web dashboard. It provides optional tools to:
- Visualize ban and unban events
- Interact with IPs (e.g., manually block or unblock)
- Maintain a persistent blocklist.json
- Sync that list with your system firewall using ufw (support for other firewalls or direct communication with Fail2Ban jails is not yet implemented)
- Backend Shell Scripts: Parse logs, generate JSON files, and update UFW rules based on blocklist.json
- Frontend Web Interface: Visualizes data and offers action controls
- JSON Blocklist: Stores manually blocked IPs marked with active=true
- π Searchable + filterable log reports (date, jail, IP)
- π§ Integrated JSON blocklist for persistent Block-Overview
- 𧱠Firewall sync using UFW (planned: nftables, firewalld)
- β‘ Lightweight setup β no DB, no frameworks
- π Compatible with hardened environments (no external assets, strict headers)
- π οΈ Installer script to automate setup and permissions
- 𧩠Modular design for easy extension
- πͺ΅ Optional logging of block/unblock actions (set true/false and logpath in
firewall-update.sh) - π΅οΈ Optional Feature : IP reputation check via AbuseIPDB (manual lookup from web interface)
π§° Works even on small setups (Raspberry Pi, etc.)
If you want to join the conversation or have questions or ideas, visit the π¬ Discussions page.
- Protected access to JSON files
- Direct access to
/archive/*.jsonis now blocked via.htaccess - Frontend scripts no longer request raw
.jsonfiles directly
- Direct access to
- New secure PHP endpoints
includes/get-json.phpandincludes/get-blocklist.phpact as controlled proxies to serve JSON data- Only PHP scripts will now expose required JSON content
- Hardened frontend behavior
- JavaScript files (
jsonreader.js,blocklist-overlay.js) fetch data only via the new PHP proxies
- JavaScript files (
- New Ministats in Header
- Shows today's ban/unban statistics in the page header:
- π« Bans
- π’ Unbans
- π Total events
- Adds quick insight into current Fail2Ban activity
- Mobile-Friendly
- Site is now more mobile friendly
- added favicon (π΅οΈ) to make browsers happy
π§ͺ as promised there is an highly experimental feature for using fail2ban instead of UFW. (
Details about all new features, improvements, and changed files can be found in the Changelog.
This is especially useful if you want to manually patch or update individual files.
- Found a bug? β Open an issue
- β Date filter now correctly limits displayed events
- β Jail filter now correctly shows only the jails present in the displayed event list.
- β File date filtering fix to include today's JSON logs and ensure latest files are listed correctly.
- β Automated installer script
- β Optional cron setup for log parsing and firewall sync
- 𧩠More robust installer
- β³ Secure-by-default deployments
- β
Hardened
.htaccesswith best practices - β add security layer between json and js
- 𧩠moove
archive/out of webdirectory - β³ Further improvements (ongoing goal)
- β Manual IP blocking via UI in UFW
- β IP reputation lookup via AbuseIPDB
- 𧩠Support for nftables, firewalld
- 𧩠full integration with fail2ban jails for block/unblock actions
- β³ Bulk blocking of multiple IPs
- β³ Optional automatic blocking based on patterns or thresholds
- β³ Integration with external services (e.g. AbuseIPDB reporting)
- β³ Improve CSS and styling
- π next major version will focus on security by mooving archive/ out of webdirectory.
Main interface with log overview
Blocklist interface with unblock actions
Result after banning an IP
Result after "report" an IP
Pull requests, feature ideas and bug reports are very welcome!
- Found a bug? β Open an issue
- Want to contribute? β Fork and submit a pull request
- Have an idea? β Start a discussion or reach out directly : visit the π¬ Discussions page
π‘ "Wouldnβt it be cool if it could also do XYZ?"
Absolutely β Iβm happy to hear your ideas.
This project is licensed under the GPLv3.
Feel free to use, modify and share β but please respect the license terms.