Difference between revisions of "CentOS 7.x fail2ban"
From Notes_Wiki
m |
m |
||
| Line 4: | Line 4: | ||
To configure fail2ban on CentOS 7.x use: | To configure fail2ban on CentOS 7.x use: | ||
# yum -y install epel-release | # Install fail2ban using | ||
# yum -y install fail2ban | #:<pre> | ||
# cp /etc/fail2ban/fail2ban.conf /etc/fail2ban/fail2ban.local | #:: yum -y install epel-release | ||
# cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local | #:: yum -y install fail2ban | ||
# | #:</pre> | ||
# Create a local copy of configuration files for local modifications. We should not modify .conf files directly as they would get overwritten during package upgrades | |||
#:<pre> | |||
#:: cp /etc/fail2ban/fail2ban.conf /etc/fail2ban/fail2ban.local | |||
#:: cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local | |||
#:</pre> | |||
# Edit /etc/fail2ban/jail.local to set backend to systemd and to also enable jail for sshd | |||
#:<pre> | #:<pre> | ||
#:: ... | #:: ... | ||
| Line 17: | Line 23: | ||
#:: ... | #:: ... | ||
#:</pre> | #:</pre> | ||
# systemctl start fail2ban | # Start and enable fail2ban on system boot | ||
# systemctl enable fail2ban | #:<pre> | ||
# fail2ban-client status | #:: systemctl start fail2ban | ||
# fail2ban-client status sshd | #:: systemctl enable fail2ban | ||
#:</pre> | |||
# Ensure that firewalld is enabled as that is required by fail2ban using [[CentOS 7.x Basic firewalld configuration]] | |||
# Verify that fail2ban is running with at least 1 jail and that jail has one or more blocked IPs | |||
#:<pre> | |||
#:: fail2ban-client status | |||
#:: fail2ban-client status sshd | |||
#:</pre> | |||
There is also older article on fail2ban at [[Fail2ban]] | There is also older article on fail2ban at [[Fail2ban]] | ||
Revision as of 08:16, 17 October 2018
<yambe:breadcrumb>CentOS_7.x_Security_Tools|CentOS 7.x Security Tools</yambe:breadcrumb>
CentOS 7.x fail2ban
To configure fail2ban on CentOS 7.x use:
- Install fail2ban using
- yum -y install epel-release
- yum -y install fail2ban
- Create a local copy of configuration files for local modifications. We should not modify .conf files directly as they would get overwritten during package upgrades
- cp /etc/fail2ban/fail2ban.conf /etc/fail2ban/fail2ban.local
- cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
- Edit /etc/fail2ban/jail.local to set backend to systemd and to also enable jail for sshd
- ...
- backend=systemd
- ...
- [sshd]
- enabled = true
- ...
- Start and enable fail2ban on system boot
- systemctl start fail2ban
- systemctl enable fail2ban
- Ensure that firewalld is enabled as that is required by fail2ban using CentOS 7.x Basic firewalld configuration
- Verify that fail2ban is running with at least 1 jail and that jail has one or more blocked IPs
- fail2ban-client status
- fail2ban-client status sshd
There is also older article on fail2ban at Fail2ban
In case of email server using postfix and dovecot add
enabled=true
under dovecot and posfix-sasl also. This would then create three jails including sshd.
Refer:
