fail2ban for playSMS

This is how to use fail2ban to protect playSMS from invalid logins. Invalid logins can come from bots specifically programmed to guess playSMS passwords. Correctly configured fail2ban will ban/block/reject IP of users/attackers when playSMS got too many invalid logins in short period of time.

Please note that the actual ban is done by iptables, or whatever action command used by fail2ban.

Step 1:

Configure fail2ban correctly. There are several articles showing you how to do it. Usually the example is to protect SSH service from fail logins.

Visit this article for fail2ban installation:

Step 2:

Create new filter for fail2ban.

Add playsms.conf to /etc/fail2ban/filter.d


# Fail2Ban filter for playSMS
# Detecting failed login attempts

failregex = auth_validate_login # invalid login .* ip:<HOST>$
ignoreregex =

# End of filter

Step 3:

Enable the filter to get fail2ban watch over playSMS log files.

Add playsms.local to /etc/fail2ban/jail.d


enabled = true
port    = http,https
filer   = playsms
logpath = /home/komodo/log/playsms/playsms.log

Step 4:

Reload fail2ban.

fail2ban-client reload


Monitor fail2ban log file:

tail -f /var/log/fail2ban.log

fail2ban log showing an IP banned:

2020-03-07 05:26:44,121 fail2ban.filter         [7878]: INFO    [playsms] Found - 2020-03-07 05:26:43
2020-03-07 05:27:02,151 fail2ban.filter         [7878]: INFO    [playsms] Found - 2020-03-07 05:27:02
2020-03-07 05:27:04,757 fail2ban.filter         [7878]: INFO    [playsms] Found - 2020-03-07 05:27:04
2020-03-07 05:27:07,964 fail2ban.filter         [7878]: INFO    [playsms] Found - 2020-03-07 05:27:07
2020-03-07 05:27:09,969 fail2ban.filter         [7878]: INFO    [playsms] Found - 2020-03-07 05:27:09
2020-03-07 05:27:10,666 fail2ban.actions        [7878]: NOTICE  [playsms] Ban

Discuss this on playSMS Forum:

8 thoughts on “fail2ban for playSMS

  1. great project, I did installation as per your instructions, but getting “DB Error: not found” although DB created successfully but could not find solution in forums, can you share contact and help me solve the issue ?


Comments are closed.