Knowledgebase
HOW TO: Install and setup Fail2Ban in Centos Server
Posted by on 12 February 2019 11:16 AM

About Fail2Ban

Fail2Ban is a widely used tool for protecting the bruteforce attack analyzing the server log files. This will help us to automatically protect the server from malicious login attempts.

Installing fail2ban

Usually the default Centos Yum repository is not included with fail2ban package. We can enable EPEL repository to have this package.

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

After completing this, we can install fail2ban.

yum install fail2ban

Configuring Fail2Ban

The default fail2ban configuration file is /etc/fail2ban/jail.conf. The configuration work should not be done in that file, however, and we should instead make a local copy of it.

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

After the file is copied, you can make all of your new configuration changes within the new jail.local file. There are lot of services that may need protection are included in the file by default. Each is located in its own section, configured and turned off.

 Restart Fail2Ban

 

After making any changes to the fail2ban config, always be sure to restart Fail2Ban:

 

service fail2ban restart

 

You can see the rules that fail2ban puts in effect within the IP table:

 

iptables -L

(0 vote(s))
Helpful
Not helpful

Comments (0)
Copyright © 1998 - 2021 Shinjiru International Inc. All Rights Reserved.