Adding Bunny.net CDN IP to allow list fail2ban

While sharing a blog post, I realised some users in other countries could not load my website, with either a 502 error or certain assets not loading like CSS.

After a bit of research and some back and forth with Bunny.net I discovered that Fail2ban was blocking some of Bunny.net’s servers.

Bunny CDN provided two lists:

https://api.bunny.net/system/edgeserverlist

and a plaintext version https://api.bunny.net/system/edgeserverlist/plain

With the information provided above and a bit of google kungfu, I worked out what I needed to do. The below instructions are for my setup however may be applicable to you.

1. SSH into your server.
2. open the jail.local file

nano /etc/fail2ban/jail.local

3. You will find something similar to

[wordpress-hard]
enabled = true
filter = wordpress-soft
logpath = /var/log/auth.log
maxretry = 3
port = http,https
bantime = 3600

4. you will need to add ignoreip = IP addresses. You can add multiple by adding a space between each record, eg:

[wordpress-hard]
enabled = true
filter = wordpress-soft
logpath = /var/log/auth.log
maxretry = 3
port = http,https
bantime = 3600
ignoreip = 127.0.0.1 1.1.1.1

5. Below is the line I used, including all IP addresses from the above list

ignoreip = 84.17.46.49 185.93.1.242 185.152.67.139 185.93.3.241 91.189.179.2 185.152.67.22 185.152.67.152 54.38.195.201 217.182.201.147 89.187.185.87 212.102.50.49 84.17.46.50 89.187.173.70 89.187.185.163 84.17.37.209 89.187.185.162 89.187.188.223 89.187.188.227 89.187.188.228 185.59.220.196 89.187.173.66 185.81.165.6 212.102.50.50 185.93.2.242 92.223.73.24 185.180.14.250 212.102.50.51 185.59.220.193 185.93.2.241 89.187.185.21 95.217.37.33 84.17.63.177 185.93.1.241 195.181.163.193 89.187.162.241 89.187.162.243 89.187.169.15 84.17.44.181 51.79.176.84 51.79.176.85 89.187.162.244 212.102.46.113 139.180.134.196 45.32.177.93 51.83.238.53 89.38.96.158 195.181.163.194 217.138.193.34 102.129.144.45 185.243.214.143 185.243.214.145 185.93.3.243 185.93.3.242 92.223.87.36 5.188.95.16 185.59.220.194 89.187.162.249 89.187.162.242 185.243.214.239 185.102.217.65 185.93.1.243 185.243.214.244 156.146.40.49 185.59.220.199 185.59.220.198 195.181.166.158 185.180.12.68 185.31.158.210 139.99.63.197 138.199.57.151 138.199.24.209 89.187.162.251 138.199.24.211 89.187.169.3 89.187.185.164 89.187.169.39 89.187.169.47 37.19.206.70 23.81.206.222 5.189.202.54 84.17.46.51 185.101.138.146 5.188.120.15 200.25.62.76 156.146.53.225 200.25.38.139 138.199.24.218 138.199.24.219 138.199.46.65 185.40.106.117 143.244.38.129 200.25.45.4 200.25.57.5 200.25.22.6 200.25.11.8 200.25.53.5 122.10.147.2 200.25.13.98 128.1.121.170 209.177.87.194 107.155.21.186 107.155.6.130 107.155.27.226 45.43.51.106 84.17.44.161 185.180.13.248 89.187.185.237 143.244.60.109 41.242.2.18 185.152.66.242 92.38.138.8 200.25.62.5 200.25.38.69 200.25.42.70 200.25.36.166 195.206.229.106 138.199.9.99 138.199.9.98 138.199.37.225 92.223.88.123 138.199.15.129 84.17.46.52 92.223.80.170 185.93.2.243 194.242.11.186 37.19.203.80 138.199.37.226 65.108.101.60 185.164.35.8 193.39.14.167 37.120.194.22 185.173.226.42 195.69.143.190 94.20.154.22 37.19.216.129 185.93.1.244 89.38.224.138 213.170.143.68 138.199.9.107 156.59.145.154 143.244.49.177 102.129.144.44 141.94.200.27 89.187.165.193 23.248.177.58 138.199.46.66 138.199.37.227 138.199.37.231 138.199.37.230 138.199.37.229 103.216.222.103 138.199.46.69 138.199.46.68 138.199.46.67 185.93.1.246 103.216.222.105 103.216.222.107 138.199.37.232 103.216.222.109 195.181.163.196 107.182.163.162 195.181.163.195 84.17.46.53 212.102.43.81 212.102.40.114 185.234.52.150 84.17.46.54 138.199.40.58 143.244.38.134 185.152.64.17 84.17.59.115 89.187.165.194 103.216.222.111 138.199.15.193 89.35.237.170 37.19.216.130 185.93.1.247 185.93.3.244 180.149.231.39 209.160.96.178 143.244.49.179 143.244.49.180 195.181.164.178 143.244.49.187 143.244.51.67 143.244.51.65 143.244.51.66 138.199.9.104 122.10.251.138 212.102.50.52 185.152.66.243 143.244.49.178 138.199.46.75 156.146.53.227 169.150.207.49 146.59.68.188 200.25.18.73 84.17.63.178 200.25.32.131 143.244.38.139 169.150.215.113 169.150.207.51 37.19.207.34 169.150.207.57 169.150.207.58 169.150.207.56 204.16.244.131 208.83.234.216 87.249.137.50 185.93.2.248 134.195.197.175 172.105.63.17 128.1.104.170 195.181.163.70 192.189.65.146 143.244.45.177 176.123.9.72 185.93.1.249 185.93.1.250 169.150.215.115 209.177.87.197 156.146.56.162 156.146.56.161 185.93.2.246 185.93.2.245 212.102.50.58 92.223.73.75 212.102.40.113 185.93.2.244 158.69.123.215 143.244.50.82 143.244.50.83 156.146.56.163 156.59.181.10 185.135.85.154 104.218.233.175 185.165.170.74 92.223.103.16 102.219.177.93 129.227.217.178 200.25.69.72 139.99.68.6 128.1.52.179 200.25.16.103 15.235.54.226 207.246.64.80 116.202.155.146 108.61.127.143 116.202.193.178 116.202.236.170 46.4.116.17 104.194.8.93 139.99.63.166 139.99.150.49 116.202.224.168 188.40.126.227 88.99.26.189 168.119.39.238 88.99.26.97 168.119.12.188 199.247.1.226 157.245.99.163 51.195.190.71 169.197.143.85 169.197.143.195 104.238.220.175 176.9.139.55 176.9.139.94 172.96.160.206 38.75.137.102 38.75.137.10 38.75.136.40 38.75.137.65 38.75.136.153 38.75.136.111 5.161.66.71 5.161.65.35 5.161.65.27 5.161.66.72 5.161.65.29 5.161.62.81 5.161.63.17 5.161.63.53 5.161.63.45 5.161.63.68 5.161.74.57 5.161.75.48 5.161.73.210 5.161.69.81 5.161.67.9 5.161.67.27 142.132.223.79 142.132.223.80 142.132.223.81 5.161.88.97 5.161.90.228 5.161.85.161 5.161.78.181 5.161.84.169 5.161.92.86 5.161.92.85 5.161.92.84 5.161.72.83 5.161.70.244 5.161.71.198 5.161.49.93 5.161.72.89 5.161.72.135 5.161.72.194 5.161.72.200 5.161.70.230 5.161.60.80 38.75.137.193 38.75.136.208 64.140.160.18 104.237.58.186 64.140.162.66 51.161.198.33 169.150.207.55 143.244.50.81 143.244.51.75 109.248.43.116 109.248.43.117 109.248.43.162 109.248.43.163 109.248.43.164 109.248.43.165 49.12.71.27 49.12.0.158 78.47.94.156 109.248.43.159 109.248.43.160 109.248.43.208 109.248.43.179 109.248.43.232 109.248.43.231 109.248.43.241 109.248.43.236 109.248.43.240 116.202.118.194 116.202.80.29 159.69.57.80 139.180.129.216 139.99.174.7 89.187.169.18 89.187.162.166 89.187.162.245 185.180.13.241 185.180.13.242 185.180.13.243 185.59.220.203 185.59.220.200 185.59.220.202 185.59.220.201 89.187.169.26 212.102.56.49 212.102.56.48 212.102.56.54 212.102.56.57 185.180.13.246 143.244.63.120 138.199.9.97 138.199.40.49 138.199.40.50 138.199.40.51 138.199.9.105 143.244.38.132 143.244.38.133 37.19.222.241 143.244.49.181 89.187.179.7 84.17.35.196 84.17.35.195 143.244.62.213 185.93.3.246 195.181.163.198 185.152.64.19 84.17.37.211 212.102.50.54 138.199.4.133 138.199.4.132 212.102.46.115  

6. Lastly, Check your configuration and restart fail2ban

fail2ban-client -d && service fail2ban restart

Alternatively, you can edit your wp-config.php file and add the below line. You can replace the IP addresses with the above IP addresses or any other IP addresses you like. information can be found at https://docs.wp-fail2ban.com/en/4.4/defines/constants/WP_FAIL2BAN_PROXIES.html

define('WP_FAIL2BAN_PROXIES','192.168.0.42,192.168.42.0/24');