HOW TO: Install and setup Fail2Ban in Centos Server
Posted by on 12 February 2019 11:16 AM
|
|
About Fail2Ban Fail2Ban is a widely used tool for protecting the bruteforce attack analyzing the server log files. This will help us to automatically protect the server from malicious login attempts. Installing fail2ban Usually the default Centos Yum repository is not included with fail2ban package. We can enable EPEL repository to have this package. rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm After completing this, we can install fail2ban. yum install fail2ban Configuring Fail2Ban The default fail2ban configuration file is /etc/fail2ban/jail.conf. The configuration work should not be done in that file, however, and we should instead make a local copy of it. cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local After the file is copied, you can make all of your new configuration changes within the new jail.local file. There are lot of services that may need protection are included in the file by default. Each is located in its own section, configured and turned off. Restart Fail2Ban
After making any changes to the fail2ban config, always be sure to restart Fail2Ban:
service fail2ban restart
You can see the rules that fail2ban puts in effect within the IP table:
iptables -L | |
|