fail2ban ban list URL uses "http" as a protocolย #7016
Description
Contribution guidelines
- I've read the contribution guidelines and wholeheartedly agree
Checklist prior issue creation
- I understand that failure to follow below instructions may cause this issue to be closed.
- I understand that vague, incomplete or inaccurate information may cause this issue to be closed.
- I understand that this form is intended solely for reporting software bugs and not for support-related inquiries.
- I understand that all responses are voluntary and community-driven, and do not constitute commercial support.
- I confirm that I have reviewed previous issues to ensure this matter has not already been addressed.
- I confirm that my environment meets all prerequisite requirements as specified in the official documentation.
Description
In my mailcow admin UI, I see the fail2ban ban list URL as a plaintext URL:
http://mail.example.org/f2b-banlist?id=12345678-1234-5678-9012-123456789012
I don't think that this is something I explicitly configured, so it would have been automatically generated by the mailcow UI. Plaintext URLs should not be used for comms across the internet.
Steps to reproduce:
- Set up mailcow.
- Go to
https://mail.example.org/admin/system->Options->fail2ban parameters - Observe that at the bottom of the page, the fail2ban ban list URL is listed as
http://mail.example.org/f2b-banlist?id=12345678-1234-5678-9012-123456789012.
Logs:
N/A
Which branch are you using?
master (stable)
Which architecture are you using?
x86_64
Operating System:
Debian Trixie
Server/VM specifications:
N/A
Is Apparmor, SELinux or similar active?
N/A
Virtualization technology:
N/A
Docker version:
N/A
docker-compose version or docker compose version:
N/A
mailcow version:
2025-12a
Reverse proxy:
Apache
Logs of git diff:
N/A
Logs of iptables -L -vn:
N/A
Logs of ip6tables -L -vn:
N/A
Logs of iptables -L -vn -t nat:
N/A
Logs of ip6tables -L -vn -t nat:
N/A
DNS check:
N/A