All Versions
Latest Version
Avg Release Cycle
252 days
Latest Release
3104 days ago

Changelog History

  • v3.1 Changes

    December 20, 2015

    ๐Ÿš€ This is a minor update to the DenyHosts 3.x series. This release fixes a bug when moving between Python 2 and Python 3 environments. DenyHosts should now work equally well under either version of Python.

    ๐Ÿ”’ A new check has been added to confirm IP addresses retrieved from the security log are valid.

    DenyHosts will now (optionally) check for break-in attacks against IMAP services such as Dovecot.

    A new dependency has been added, the Python ipaddr library is now a run-time requirement.

  • v3.0 Changes

    June 27, 2015

    ๐Ÿš€ We are happy to report that lots of work has been going on behind the scenes to improve DenyHosts. Changes that have been introduced since the 2.10 release are as follows:

    ๐ŸŽ‰ Initial translation of code from Python 2 to Python 3. DenyHosts can now be run as either a Python 2 or a Python 3 program. The new code has been tested with Pyhton 2.7 and Python 3.4. If you require an older version of Python, please continue to use DenyHosts 2.10 and let us know of your requirements.

    โž• Added patch from Fedora to fix initial sync issue and insure info logging stream is active.
    (Provided by Jason Tibbitts.)

    โž• Added "import logging" to to avoid errors when setting up logging. (See above change.)

    Added option PF_TABLE_FILE to the configuration file. When this option is enabled it causes DenyHosts to write
    0๏ธโƒฃ blocked IP addresses to a text file. The default location is /etc/blacklist. This text file should correspond to a PF firewall table.

    ๐Ÿ”ง At start-up, try to create the file specified by HOSTS_DENY. That way we avoid errors later if the file does not exists. Can be a problem on operating systems where /etc/hosts.deny does not exist in the default configuration.

    โž• Added regex pattern to detect invalid user accounts. This blocks connections from remote hosts who are attempting to login with accounts not found on the local system. While these connections to non-existent accounts are relatively harmless, they are usually used as part of a brute force attack and filtering them before they reach OpenSSH is a good idea.

    ๐Ÿ”€ Finally, Jan-Pascal has created a sync server for DenyHosts which will allow DenyHosts services to coordinate lists of banned IP addresses. The new sync server is open source (GPLv3) and can be set up on private servers, networks and VPS. We plan to set up our own sync server in the near future. When a sync server is created it will be announced at

  • v2.10 Changes

    February 20, 2015

    ๐Ÿš€ We are pleased to announce the release of DenyHosts 2.10. This new version
    ๐Ÿš€ is mostly a bug-fix release, with many of the fixes coming from Jason Tibbitts who
    ๐Ÿ“ฆ packages DenyHosts for the Fedora project. (Thank you, Jason.) In version 2.10,
    DenyHosts can now correctly unlock stale PID files, a new systemd service unit file
    ๐Ÿ”Š has been added and DenyHosts now properly logs information when running in foreground
    mode. DenyHosts now detects PAM authentication errors on FreeBSD, the example PF
    ๐Ÿ“š firewall rule was improved and our documentation was cleaned up. DenyHosts no
    ๐Ÿ”ง longer requires that ETC_DIR is declared in the configuration file, and we default
    ๐Ÿ”ง to using /etc as our configuration directory if none is specified.

  • v2.9

    December 09, 2014
  • v2.8

    December 09, 2014
  • v2.7

    December 09, 2014
  • v2.6

    October 07, 2009
  • v2.5

    October 07, 2009
  • v2.4

    October 07, 2009
  • v2.4.b

    October 07, 2009