Simple (and probably a silly) question. But I would like an answer.

Hi guys,

I have a quick question and probably it's silly, but I finally found some time to do some reading.

So far we have setup our servers with DirectAdmin always with "ConfigServer Security & Firewall" and Fail2Ban (there was a tutorial on the internet for this somewhere).
Anyways, I started to do some reading, but if you configure "ConfigServer Security & Firewall" manually (instead of using the default settings) it's sufficient enough right?

So in other words; Fail2Ban is not even needed (when CFS is setup correctly). Right? Or did I miss something here?

Sorry, if it seems a stupid question. But I only discovered this today.

Thank you in advance for your help and advice.


Sidenote: is it safe to just remove Fail2Ban on installed DirectAdmin servers with "ConfigServer Security & Firewall" configured?

It's not a stupid question. Having a question and not asking it, that is stupid.

I always make the default DA setup with CSF, after that I make the manual changes.

If you setup CSF in a good way, you dont'need Fail2Ban. You can even let CSF handle DA's brute force detection in a couple of ways.
Both methods are explained on the forums.

There is no need for fail2ban. It's safe to remove it if you setup CSF correctly. Works perfectly.

Hi Richard,

Thank you for your kind words and confirming this. I always used to install CSF and Fail2Ban, but after reading a bit more into it, I noticed Fail2Ban is simply to much.

Thanks again.

Regards

You're welcome MvdL.
And if something doesn't work to your liking with CSF, just ask, there are always some adjustments one can make to get it to work with csf.