IPBan Versions Save

Since 2011, IPBan is the worlds most trusted, free security software to block hackers and botnets. With both Windows and Linux support, IPBan has your dedicated or cloud server protected. Upgrade to IPBan Pro today and get a discount. Learn more at ↓

2.0.0

4 months ago

Last update: 2024-03-26T02:03:00Z

  • .NET 8 Build
  • Allow override min time between failed logins for log files and event viewer expressions to block.

1.9.0

9 months ago

Last update 2023-10-11T15:28:00Z

This release contains firewalld support and makes firewalld the default firewall for Linux. The public zone is used for all the rules along with firewalld ipsets to store the ip addresses of each rule.

Also added a timestamp_utc option for parsing of event viewer and log files. If used, the timestamp will be assumed to be in utc time and not local time, unless a time zone is explicitly in the parsed timestamp, in which case that will be used.

1.8.1

1 year ago

Last update: 2023-07-04T17:38:00Z

  • User name truncation. The TruncateUserNameChars property can be used to configure behavior of user name truncation. '@' is the current default, meaning email addresses will be truncated to just the username, i.e. '[email protected]' will become 'bob' by default.
  • Don't log config error if config item is missing or empty.
  • Logging for ignored internal ip addresses and why they were ignored.
  • Fix an issue where base config (ipban.config) did not change but the override config (ipban.override.config) did and log files could stack endlessly.
  • Fix an issue computing the local ip address when ipv4 and ipv6 adapters were on the machine.
  • Attempt to fix possible Linux timer issue for running cycles.
  • Ensure legacy iptables is used on Linux.

1.8.0

1 year ago
  • [2022-09-21] Critical memory leak fix, please re-download and re-deploy 1.8.0 version if installed before 2022-09-21
  • Integration with https://ipthreat.net (see https://ipthreat.net/integrations/ipban)
  • Fix issue not using dns ip addresses for failed logins
  • Fix issue when expressions to block and/or expressions to notify element was removed entirely from config
  • New "log" group for regex to capture relevant log snippet, will be displayed on failed logins logging and sent to ipthreat api if enabled
  • Refactor cycle tasks to ensure each task executes regardless of whether other tasks throw exceptions
  • App setting values may be formatted with %[env_var_name]% to read the value from environment variables

1.7.3

1 year ago
  • Fix an issue with override config that would not copy appSettings/add elements if the base config did not also have the same key.
  • Attempt to fix an issue where editing the override config frequently could result in the override config not being merged properly.
  • Improve sql server negation expression in event viewer check.
  • Show source when ip address parse fails and a dns lookup is performed.
  • Perform web service call to https://api.ipban.com/myip to get ip address if external ip cannot be found.
  • Can add a max count to end of firewall uri rule to allow more than 10k ip addresses.

1.7.2

1 year ago
  • Fix an issue not unbanning ipv6 properly in Windows Firewall
  • Fix an issue on Linux iptables with ranges that were not proper cidr mask ranges
  • Detect successful ssh logins on Linux and Windows using certificates
  • Don't ban 404 errors in Tomcat, this would cause missing favicon, apple touch icon, etc. to ban incorrectly

1.7.1

2 years ago
  • Add additional Linux failed login files ( /var/log/httpd/access_log, /var/log/messages)
  • Reduce memory usage slightly
  • Reduce logging spam further. To see more detailed logging, set nlog.config levels to Debug.
  • Allow process to run on ban/unban to be newline separated for multiple processes

1.7.0

2 years ago
  • Upgrade to .NET 6
  • Significant RAM usage improvement

1.6.1

2 years ago
  • User name whitelist edit distance was not working correctly
  • When log file config other than path/mask was changed, the changes did not force a config reload
  • Add additional delimiters to ignore text for firewall uri rules
  • Fix a bug where some rdp successful logins were not recognized

1.6.0

3 years ago
  • Call process to run on unban when service starts and clear ip addresses is true
  • Fix uninstall script on Windows when folder does not exist
  • Log version upon startup
  • Add FailedLoginLogLevel and SuccessfulLoginLogLevel option for log file entries and LogLevel option event viewer entries. This log level will be used when writing the event to the log file. Default is Warning if not specified.
  • Fix issue when starting regex with a \n for log file parsing.
  • Don't fail or ban internal ip addresses
  • Handle bad auth types for ms exchange
  • Add option to process internal ip addresses