diff --git a/upgrade/Traefik.sh b/upgrade/Traefik.sh
index 99309a21da5e44f4669558e0d77eff9a9187c5a5..619e3bf912b4eac959c156c96d814df7395ec055 100644
--- a/upgrade/Traefik.sh
+++ b/upgrade/Traefik.sh
@@ -49,6 +49,18 @@ sed -i "s/IGNORE_IPS=.*/IGNORE_IPS=$iptetrix/" .env
 
 docker-compose up -d --build
 
+# Services ban
+cd /home/dockerweb/
+
+if [ ! -d "ban" ]; then
+  git clone https://gitlab.tetras-libre.fr/nocloud/docker/ban.git
+  cd /home/dockerweb/ban
+  cp .env.sample .env
+else
+  cd /home/dockerweb/ban
+  git pull
+fi
+
 # MAJ traefik
 cd /home/dockerweb/traefik
 git pull
diff --git a/upgrade/traefik_fail2ban.sh b/upgrade/traefik_fail2ban.sh
index 028741ae3566d6fb6539e98e95991cc1e67055e9..5c7af03518ff3c6c5d082ce34ac27772022b0522 100644
--- a/upgrade/traefik_fail2ban.sh
+++ b/upgrade/traefik_fail2ban.sh
@@ -7,6 +7,7 @@ logpath = /home/dockerweb/traefik/log/access.log
 chain = DOCKER-USER
 mode = aggressive
 findtime = 4h
+banaction = docker-page
 EOF
 cat <<EOF > /etc/fail2ban/jail.d/nocloud_base.conf
 [sshd]
@@ -21,5 +22,17 @@ banaction = %(banaction_allports)s
 bantime  = 1w
 findtime = 1d
 EOF
-fail2ban-client reload
+cat <<EOF > /etc/fail2ban/action.d/docker-page.conf
+[Definition]
+
+actionstart =
+
+actionstop =
+
+actioncheck =
 
+actionban = cd /home/dockerweb/ban; bash ban.sh <ip>
+
+actionunban = cd /home/dockerweb/ban; bash unban.sh <ip>
+EOF
+fail2ban-client reload