fail2ban does not detect failed attempts (proftpd)
Posted: Sat 15. Nov 2025, 17:10
Hi everyone, I've had KeyHelp Panel installed for about 4 months and fail2ban isn't detecting failed login attempts via ProFTPD.
S.O: Debian 12.12
Keyhelp : 25.2
PHP : 8.2.29
Filter (default)
Where can I see the log of failed attempts?
Thanks in advance
PedroP
S.O: Debian 12.12
Keyhelp : 25.2
PHP : 8.2.29
Filter (default)
[kh-ftp]
enabled = true
port = ftp,ftp-data,ftps,ftps-data
filter = proftpd
backend = systemd
maxretry = 4
It's not showing anything.journalctl -u proftpd.service -p err
It only shows some logs; it doesn't show all the failed attempts I've made.journalctl -u proftpd.service | grep -i "login failed"
Oct 25 04:46:06 orka.extra.com proftpd[322428]: orka.extra.com (213.230.125.66[213.230.125.66]) - USER ftp (Login failed): Incorrect password
Nov 08 20:31:55 orka.extra.com proftpd[353826]: orka.extra.com (169.150.196.207[169.150.196.207]) - USER ftp (Login failed): Incorrect password
Nov 08 20:31:59 orka.extra.com proftpd[353827]: orka.extra.com (169.150.196.207[169.150.196.207]) - USER ftp (Login failed): Incorrect password
Where can I see the log of failed attempts?
Thanks in advance
PedroP