Fail2Ban-Report

SIEM & Threat Detection

Web-based dashboard for transforming Fail2Ban logs into searchable reports with centralized UFW IP blocklist management across multiple servers

Track releases GitHub

PHP Latest 0.5.0 · 9mo ago Security brief →

Features

Searchable and filterable Fail2Ban event reports
Multi-server dashboard with role-based authentication
Persistent blocklists and UFW firewall synchronization
Optional IP reputation integrations (AbuseIPDB, IP-Info.io)
Lightweight with no database requirement

Recent releases

View all 10 releases →

0.4.0 New feature 9mo

⚠ Upgrade required

The 'Copy to Clipboard' feature requires HTTPS to be enabled; it will not function on HTTP deployments.

Notable features

Optimized batch firewall processing with single ufw reload per jail
IP event markers highlighting repeated events and multi-jail IPs
Copy filtered table data to clipboard in TSV format

View release on GitHub

0.3.4 Bugfix 9mo

🆕 Fix V 0.3.4 Json Files should not loose Data anymore when several write processes trying to write the json file at the same time. firewall-update.sh: Added FLOCK to lock json when writing block-ip.php: Added FLOCK to lock json when writing unblock-ip.php: Added FLOCK to lo

View release on GitHub

3.3.3 New feature 9mo

⚠ Upgrade required

v0.4.0 (upcoming) will move and restructure the archive/ directory outside of the web root — users should prepare for this breaking structural change in the next major release

Notable features

DoS/Scan/Brute-force detection with warning and critical thresholds (bans per minute per jail)
Fail2Ban log statistics for today, yesterday, last 7 days, and last 30 days
Multi-IP action support

View release on GitHub

0.3.2 Feature 10mo

⚠ Upgrade required

Blocklist storage structure has changed from a global list to a jail-specific structure (blocklist["jailname"][]). Any scripts or integrations that read the blocklist directly may need to be updated to reflect the new data format.

Notable features