Protect Your Server from Cyber Attacks in Real-Time
Stop brute force attacks, DoS attempts, and malicious intrusions before they compromise your server. ISPProtect BanDaemon is an intelligent security daemon that monitors your server 24/7, automatically blocking threats using advanced pattern recognition and iptables integration.
🛡️ Why Choose ISPProtect BanDaemon?
Instant Threat Response
- Real-time monitoring of all critical log files
- Automatic IP blocking within seconds of detection
- Zero-configuration protection for common attack vectors
- Intelligent scoring system that adapts ban duration to threat severity
Enterprise-Grade Security
- Multi-service protection covering SSH, web servers, email, DNS, and FTP
- IPv6 ready with subnet-level blocking capabilities
- Distributed operation across multiple servers with centralized management
- Evidence collection for forensic analysis and abuse reporting
Proven Track Record
- Trusted by thousands of server administrators worldwide
- ISPConfig integration for seamless hosting environment protection
- Continuous development with regular updates and new features
- Professional support from security experts
🚀 Key Features
Comprehensive Service Protection
| Service | Protection Type | Attack Vectors Covered |
|---|---|---|
| SSH | Brute force detection | Failed login attempts, dictionary attacks |
| Web Servers | Apache/Nginx monitoring | SQL injection, XSS, and directory traversal |
| Postfix/Dovecot protection | SMTP auth failures, spam attempts | |
| FTP | Pure-FTPd integration | Brute force, unauthorized access |
| DNS | Bind monitoring | Query floods, cache poisoning attempts |
| Web Apps | CMS-specific rules | WordPress, Joomla, and ownCloud attacks |
Advanced Threat Intelligence
🌍 GeoIP Integration
- Country-based risk scoring with customizable multipliers
- Automatic high-risk region detection
- Geolocation data in all reports and evidence files
🤖 Smart Pattern Recognition
- Enhanced attack pattern detection
- Custom regex rules for application-specific threats
- Adaptive thresholds based on attack frequency and severity
📊 Comprehensive Reporting
- Daily email reports with attack summaries and statistics
- Real-time dashboards showing current threats and bans
- Evidence collection with automatic whois lookup and abuse reporting
Network & Infrastructure
🔗 Multi-Server Architecture (optional)
- Centralized database for enterprise deployments
- Instant ban propagation across all connected servers
- Load balancer compatibility with X-Forwarded-For support
- Cloud platform integration (AWS, Azure, GCP)
🌐 IPv6 & Modern Networking
- Full IPv6 support with /64 and /96 subnet blocking
- Dual-stack protection for hybrid environments
- Advanced firewall integration with iptables and ip6tables
💰 Pricing & Licensing
Flexible Licensing Options
🆓 Free Trial
- 14 days of full access to all features
- No registration required
- No feature limitations
- Perfect for evaluation
💼 BanDaemon License
- €29 per year per server
- All features included
- Email support
- Regular updates
The price is excl. VAT. VAT is applied to customers from the European Union who do not have a European VAT ID. The shopping cart will calculate and show the VAT amount (if any) based on your country and VAT ID before the purchase is finalized.
🏢 ISPProtect Bundle
- Includes BanDaemon + Malware Scanner
- Comprehensive server protection
- Priority support
- Volume discounts available
💡 Pro Tip: Existing ISPProtect customers can use BanDaemon with their current license key at no additional cost!
⚡ Quick Start Guide
Installation in 3 Simple Steps
Step 1: Download & Extract
cd /tmp/
wget https://www.ispprotect.com/download/ispp_bandaemon.tar.gz
tar xzf ispp_bandaemon.tar.gz
cd bandaemon_install/
Step 2: Run Installer
sudo bash install.sh
The installer automatically detects your system and configures optimal settings
Step 3: Start Protection
sudo systemctl start ispprotect_bandaemon
sudo systemctl enable ispprotect_bandaemon
System Requirements
| Component | Requirement | Recommended |
|---|---|---|
| OS | Linux with iptables | Ubuntu 20.04+, CentOS 8+, Debian 11+ |
| PHP | 5.6 - 8.3 | PHP 8.1+ |
| Database | MySQL 5.5+ / MariaDB 10.0+ | MariaDB 10.6+ |
| Memory | 64MB RAM | 256MB RAM |
| Disk | 100MB free space | 1GB for logs and evidence |
🔧 Advanced Configuration
Custom Protection Rules
Create tailored protection for your specific applications:
[custom-app]
logfile = /var/log/myapp/security.log
regex = "SECURITY_VIOLATION: IP=(\d+\.\d+\.\d+\.\d+)"
scope = global
threshold = 1
timeframe = 60
bantime = 1440
Multi-Server Deployment
Perfect for hosting providers and enterprise environments:
// Central database configuration
define('DB_HOST', 'central-db.example.com');
define('SERVER_IDENT', 'web-server-01');
// Automatic ban synchronization across all servers
define('BANDAEMON_DISTRIBUTED', true);
Web Application Protection
Enhanced PHP request analysis:
// Add to php.ini for comprehensive web protection
auto_prepend_file = /usr/share/php/ispp_bd_postlog.php
📈 Performance & Scalability
Optimized for High-Traffic Servers
- Low resource usage - typically <1% CPU and <50MB RAM
- Efficient log parsing with optimized regex engines
- Database optimization with intelligent indexing
- Scalable architecture supporting thousands of requests per second
Enterprise Features
- Load balancer integration with proper IP detection
- High availability with failover support
- Monitoring integration (Nagios, Zabbix, Prometheus)
- API access for custom integrations
🛠️ Management Tools
Command Line Interface
# View current bans
ispp_bandaemon --showbans
# Manual IP management
ispp_bandaemon --ban=192.168.1.100 --bantime=1H
ispp_bandaemon --unban=192.168.1.100
# Generate reports
ispp_bandaemon --report --screen
ispp_bandaemon --report --email=
# Whitelist management
ispp_bandaemon --whitelist=192.168.1.0/24
Automated Reporting
- Daily attack summaries via email
- Real-time alerts for critical threats
- Weekly trend analysis with recommendations
- Custom report scheduling with cron integration
📞 Support & Resources
Getting Help
- Comprehensive documentation with step-by-step guides: ISPProtect BanDaemon documentation.
- Email support for licensed customers. Contact us here
- Professional services for enterprise deployments
Resources
- Complete User Guide - Detailed documentation
🚀 Get Started Today
Try Before You Buy
Download your free 14-day trial and experience enterprise-grade server protection:
Purchase License
Ready to secure your server? Get your annual license:
Buy BanDaemon License - €29/year
Need Help?
Our team is ready to assist with your deployment:
- Technical support: Support Portal
🔄 Version 2.0 - What's New
Enhanced Features
- Modern systemd integration with service hardening
- Improved PHP 8.x compatibility
- Advanced database wrapper with better performance
- Enhanced IPv6 support with improved subnet handling
Performance Improvements
- Faster log processing with optimized algorithms
- Reduced memory footprint through efficient data structures
- Better database performance with improved queries
- Enhanced error handling and recovery mechanisms
New Capabilities
- Evidence collection system for forensic analysis
- Abuse reporting automation with whois integration
- Advanced GeoIP scoring with country-specific rules
- Distributed architecture for multi-server environments
Protect your server infrastructure with ISPProtect BanDaemon - the intelligent choice for modern server security.