Banning Myself

Paul Reinheimer
Aug 23, 2017 · 2 min read

A tweet from Honest Status Page hit a little too close to home today:

Several years ago I was working on a new page for WonderProxy, something in the administration section. To create the page I’d copy/pasted some other template, and was planning to iteratively change what I had to what I needed. I loaded the page once to confirm my routing was set up, returned to my editor and got to work. When I tried to save the file after a few changes, my editor complained that the upload failed. I tried again, fail. I tried to SSH to the server, that also failed. Panic! 🔥! I reached out to my business partner, he was away, I tried one of those up/down sites (these days I use Where’s it Up) and it said our site was fine, less panic. Then everything worked again, so I saved the file, refreshed the page and saw my changes. Success. Then I made another change, and the whole process repeated.

We, like the fine folks at Honest Status Page use fail2ban, which scans log files for failures to do things from remote users, and bans them at the firewall. This works great with things like brute-force login attempts. We’d also hooked it up to apache to scan for people hitting non-existant pages on our site. We were tired of seeing pages and pages of logs of malware looking for WordPress vulnerabilities. When I copied the tempate over, the HTML referenced some resources using relative urls (./img/avatar.png) that were not present the new place I was working on the template. Every time I’d load the page the HTML would work fine, so would the CSS, but then my browser would request 15 different non-existant images. fail2ban would see those failed requests and ban me.

It’s funny now, there was panic then.

)

Paul Reinheimer

Written by

Admiral of the 3rd armor division's air balloon regatta. Come fly with us

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade