It might be worth investing in a static IP if possible. If you feel adventurous and don’t mind doing some acrobatics, can try below solution. I didn’t get a chance to implement this service but suggesting if you are able to get someone configure this for you.
Option 1: Dynamic DNS
Subscribe to a Dynamic Dns service (there are plenty of them). The service will mostly like have you install a client on the machine whose IP keeps changing.
Setup a script on ERPNext server which regularly probes DDNS for new IP Address and updates fail2ban configuration accordingly
Option 2: VPN tunneling
You’ll have to host a VPN Server or subscribe to a service.
Connect your Client as well as ERPNext server to VPN (make sure that both get the same VPN IP address each time)
Whitelist your client’s VPN IP in Fail2Ban
Access your ERPNext site using Server’s VPN IP address
If the server is hosting multiple domains, you’ll have to host a local DNS server (risky and overkill for the purpose) and map your ERPNext domains to the server’s VPN IP address.
Is it normal to have up to 6 “400 bad request errors” within 10minutes? If so, what would be a more acceptable limit?
If the scenario above is abnormal and indicates a real issue, are there any pointers as to what may be the cause and how we can easily identify the offending client (most likely a web browser as indicated in the logs)?
True. Had the same issue and battled it for weeks thinking my database was crashing or my server specs was too low. Tripled my server config, tweaked mysql settings, increased gunicorn workers, optimized nginx but continued to have the same issue until i stumbled on a post about fail2ban blacklisting IPs intermittently. I checked the jail but couldn’t find my IP so i initially dismissed it as the problem. After a few more days and near sleepless nights i thought to myself “what have i got to lose?”. Whitelisted my IPs and wowzer!!! the problem went away. I almost kicked myself for it.