CentOS 7.x fail2ban

From Notes_Wiki
Revision as of 09:20, 29 March 2018 by Saurabh (talk | contribs)

<yambe:breadcrumb>CentOS_7.x_Security_Tools|CentOS 7.x Security Tools</yambe:breadcrumb>

CentOS 7.x fail2ban

To configure fail2ban on CentOS 7.x use:

  1. yum -y install epel-release
  2. yum -y install fail2ban
  3. cp /etc/fail2ban/fail2ban.conf /etc/fail2ban/fail2ban.local
  4. cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
  5. vim /etc/fail2ban/jail.local
    ...
    backend=systemd
    ...
    [sshd]
    enabled = true
    ...
  6. systemctl start fail2ban
  7. systemctl enable fail2ban
  8. fail2ban-client status
  9. fail2ban-client status sshd

There is also older article on fail2ban at Fail2ban


In case of email server using postfix and dovecot add

   enabled=true

under dovecot and posfix-sasl also. This would then create three jails including sshd.


Refer: