14th November 2009
fail2ban has a php-url-fopen rule.
If someone uses Google Translate (e.g. using Global Translate’s mini-language-flags), and goes back to your blog – that someone might get banned by fail2ban (especially if you have set maxretry to 1), as the referrer will contain the php-URL-fopen attack signature. The bad thing is that you will not realize that until after you check one or several translations yourself, as a random site visitor experiencing the problem is highly unlikely to bother reporting this problem – especially when your blog’s Contact page is also inaccessible.
Clearly, Google Translate is not the only legitimate service which will trigger that rule.
Solution: The only solution I have found is to specify the whitelist regex for the php-URL-fopen rule.