- Ubuntu 20.04
- Transmission with Remote access
- apache2 as reverse proxy
- fail2ban and e.g. iptables are installed
- Transmission is accesible via https://YourDomain/transmission/webui
User --https--> Apache2 --http--> Transmission
Install fail2ban:
sudo apt update && sudo apt install fail2ban -y
Create the Transmission-filter:
sudo nano /etc/fail2ban/filter.d/apache-transmission.conf
Transmission will not write authentication errors in logs, but you have chance to track it via apache2 access.log as 401 error.
Paste the following lines, this will cover GUI Failed login and WebDAV:
[Definition]
failregex = ^<HOST> - - .*transmission.*HTTP/[0-9]+(.[0-9]+)?" 401
ignoreregex =
Create a new jail:
sudo nano /etc/fail2ban/jail.d/apache-transmission.local
Paste the following rows:
[apache_transmission]
backend = auto
enabled = true
port = 80,443
protocol = tcp
filter = apache_transmission
#Number of retrys before to ban
maxretry = 5
#time in seconds
bantime = 36000
findtime = 36000
#Log path, on Ubuntu usually is following
logpath = /var/log/apache2/apache2.log
Re-start the fail2ban-service:
sudo service fail2ban restart
and enjoy your Transmission-Server!