3.1.0 (2024-03-18)
New features:
– Option to query databases using LogFile entries in config.

For PathAndMask, use DB:[type]:[connection string]. Possible types: Sqlite, SqlServer, PostgreSql, MySql.

The FailedLoginRegex and SuccessfulLoginRegex will be queries instead of regex. Columns are required to be in this order: timestamp, ip (string or binary), source, user, extraInfo. Extra info contains any useful log snippet about what happened, and is optional.

You MUST specify a WHERE clause, including a Timestamp > @Timestamp provision where Timestamp is a DateTime compatible field and can be called anything. Add any other conditions you use to determine failed vs. success logins. If you don’t, you’ll process your entire database every cycle. If you lack source or user columns, just select ”

You can use Local (case insensitive) in your timestamp column name if it’s local time zone and not UTC. If you do this, use parameter @TimestampLocal in conjunction.

Finally, you can compare against a @TimestampUnix value (bigint) if your timestamp column is a bigint and represents unix timestamp.

Examples…

PathAndMask: DB:Sqlite:Data Source=c:/database/db.sqlite

FailedLoginRegex: SELECT Time, NetworkAddress, UserSource, UserName
FROM SecurityEvent
WHERE Time > @Timestamp AND OperationResult IN (2, 11)

SuccessfulLoginRegex: SELECT Time, NetworkAddress, UserSource, UserName
FROM SecurityEvent
WHERE Time > @Timestamp AND OperationResult = 1

– Syslog support (see web admin UI plugins).
– Option in user name aggregation to allow empty user names.
– Fix self signed certificates for email test.
– Fix issue where web admin logged successful logins repeatedly.
– Revert firewall monitoring in web admin to use a separate process again to fix edge cases where Win32 API didn’t report events.
– Allow override of min time between failed logins per log file or event viewer entry.
– Banned ip checker now takes firewall uri rules into account.

3.0.0 (2023-12-23)
New Features
– Rebuild with .NET 8, gaining improved performance.

Fixes
– Fixes for url whitelisting not working in some edge cases.
– Reduce memory usage.

2.6.0 (2023-12-14)
New Features
– More logging for tiered ban times.
– (Linux only) FirewallD dropped packet logging.
– (Linux only) Option to force iptables firewall on Linux by setting env var `IPBanPro_LinuxFirewallIPTablesWithMonitoringPriority` to `10`.

Fixes
– Tiered ban times will not unblock until the last tiered bantime is expired.
– Url whitelisting will remove added ips from local blacklist if applicable.
– (Linux only) Fix FirewallD ipv6 rules.
– (Linux only) Installer now uses yum to install ipset-libs on centos and redhat.

2.5.0 (2023-07-12)
New Features
– Country block overrides per machine, use machines section, machine options to do this
– ASN blocking, access from settings -> ipban shield section
– UI for disabling notifications for log files or event viewer per item
– Notes field to add whitelisting url form
– Blacklister specific role, this role is only allowed to call the `/api/banipaddresses?ipAddresses=ip1,ip2,ip3,etc` end point on the api of the web admin server
– Self signed certificate option for web admin server email notifications, see appsettings.json

Fixes
– Improve url whitelisting feature, bug fixes, stability improvements, handling of multiple filters/fqdn
– Tools, ban check in web admin or personal UI now correctly shows url whitelisting
– Attempt to fix an edge case that would delete the license key on web admin or personal edition startup
– Move delete machine button in machines section to the machine options

2.4.0 (2023-05-21)
All platforms
– Allow user ip whitelisting via urls.

2.3.0 (2023-03-29)
All platforms
– Tools area now contains an option to retrieve firewall rules from a client. Client can be changed on the query string using fqdn=[client fqdn]. Response is in JSON format. Requires datacenter client 2.3.0 or newer version.
– Auto update option.
– When machines restore a connection to the web admin server after being lost, an email notification is sent.
– UI fixes for banned ip and failed ip sections around blocking and unblocking.
– Expose the ClearFailedLoginsOnSuccessfulLogin setting in the ui.
– Fix monitor -> export option.

2.2.1 (2023-02-09)
All platforms
– Fix bug with license sync interval.
– Add user name truncation on @ character by default.
– Fix issue where dns whitelist was not denoted as whitelisted in the ip checker tool.

2.2.0 (2022-12-06)
All platforms
– Cloudflare integration using new plugins architecture.
– RunProcess integration using new plugins architecture.
– Other minor bug fixes.

2.1.2 (2022-09-21)
All platforms
– Another memory leak fix.

2.1.0 (2022-09-17)
All platforms
– Fix issue in MySQL initializer not detecting server version from connection string.
– Send failed logins for whitelisted ips so they show up in the UI.
– New notification option to notify a daily, weekly and/or monthly report of successful & failed logins, along with packet activity by country.
– New notification option to notify of successful web admin logins.
– Regex can now include a log group to provide relevant log snippet when logging.
– App setting values can use %[env_var_name]% syntax to load value from an environment variable.

2.0.1 (2022-06-14)
All platforms
– Add option to specify the window for duplicate notification filtering.
– Show other ip addresses of machines in machines tab.
– Fix export button.

2.0.0 (2022-05-12)
All platforms
– New monitoring tab for country view and real-time stream of blocked and allowed firewall packets. Also contains a resources viewer to see CPU, RAM, DISK, NET usage of your machines.
– Add export button to recent activity view to allow seeing entire history in csv files.
– Auto whitelist option, successful logins will auto-whitelist the remote ip for the number of days specified.
– UI improvements: Edit, export and resize options for whitelist and blacklist table editor.
– Improve installer editing experience. You can use delete, arrows and insert text.
– Fix sorting dates in various places.
– Improve geocoding performance.
– Improve list management in IPBan Shield section, add additional lists.
– Add swagger documentation, available at /swagger from your web admin. You must have a user/password defined for this to show up.
– Fix memory leak.

1.8.0 (2022-03-22)
All platforms
– Reduce memory usage
– Option to invert country block, allowing a set of countries to allow and block everything else

1.7.2 (2022-03-14)
– Ban/24 option in recent activity
– Improved networking performance
– Remember sort order of tables
– Fix logout

1.7.1 (2022-01-31)
All platforms
– Fix occasional null reference exception when attempting email sending
– Allow ctrl+click to mass select and ban or unban ips on the recent activity tab

1.7.0 (2022-01-01)
All platforms
– Improve performance
– Reduce RAM usage

1.6.0 (2021-07-11)
All platforms
– Allow free download of software so that it can be trialed without entering payment info
– Bug fixes for aliases, show aliases on recent activity tab

1.5.1 (2021-04-13)
All platforms
– Show update available message in top left when software update is available, with link to downloads page
– Option to send country block rules to clients (Windows only) where they will block country ips in the firewall. Certain ports can be exempted from this if desired.
– You may right click on a failed login ip address and ban it
– Allow using source in the notification body template, use {9} to show it
– Fix bug where notifications were not sent in some cases.

1.5.0 (2021-03-01)
All platforms
– Add licenses tab. The web admin now requires a valid license to function. Please email [email protected] if you don’t have a license key and you bought a subscription.
– Add ability to have an administrator user along with a guest user. Guest user has limited functionality including viewing recent activity.
– Re-organize tools into separate pages.
– Add notification web hook option in notification settings

1.4.0 (2020-12-29)
All platforms
– Fix an issue where some ip address countries were resolved incorrectly
– Fix an issue not generating credentials during installation when user/password was specified
– Allow changing username/password in tools (will update clients automatically)
– Improve grid display on tablets or smaller monitors
– Show failed login remote ip addresses in red if they are banned
– Broadcast server info for easier setup of datacenter clients.
– Fix existing credentials being overwritten to blank when updating

1.3.1 (2020-12-12)
All platforms
– Add option to tools menu to see if an ip address is banned or not
– Fix an issue where some notifications were not sent

Linux
– Add nginx auto setup to installer

1.3.0 (2020-11-09)
Windows
– Enable IIS web sockets during installation.
– Fix duplicate countries showing in dropdown list.

1.2.0 (2020-10-27)
All Platforms
– Fix some edge cases where null reference exceptions would prevent settings view from loading.
– Improve hand-off of server url entered to the application settings.
– Send whitelist command with all machine ip addresses connected to the web admin utility to all machines.

Windows
– Improve installation for IIS. The website and app pool will be setup automatically for you.

1.1.0 (2020-10-20)
– Bug fixes and performance improvements.

1.0.0 (2020-10-03)
– Initial release.