
How to Harden Your Server with fail2ban

In this article, you will find out how to install and configure fail2ban to help secure a server. With fail2ban, you can configure your server to automatically block IP addresses that generate suspicious activity.

 

About fail2ban

The fail2ban application monitors server log files for intrusion attempts and other suspicious activity. After a predefined number of failures from a host, fail2ban blocks its IP address automatically for a specific duration.

If someone tries to gain unauthorized access to your account, fail2ban helps protect the account by banning the unauthorized access attempts. It is particularly effective at reducing the risk of scripted attacks and botnets.

 

Installing fail2ban

If your server runs a Linux distribution, the guide below will help you install fail2ban:

  • For Debian and Ubuntu, type the following command:

apt-get install fail2ban

  • For CentOS and Fedora, type the following command:

yum install fail2ban

  • To download and install the fail2ban package on CentOS and Fedora, you must have the EPEL (Extra Packages for Enterprise Linux) repository enabled for your system.

 

Configuring fail2ban

You will need to configure fail2ban after you finish installing it. To do so, follow the guide below:

  • Log in to your server using SSH.
  • At the command prompt, type the following command:

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

  • Open the jail.local file in your preferred text editor.
  • Locate the [DEFAULT] section, which contains the following global options:
    • ignoreip: This option enables you to specify IP addresses or hostnames that fail2ban will ignore. For example, you could add your home or office IP address so fail2ban does not prevent you from accessing your own server. To specify multiple addresses, separate them with a space. For example:

ignoreip = 127.0.0.1/8 93.184.216.34

    • bantime: This option defines in seconds how long an IP address or host is banned. The default is 600 seconds (10 minutes).
    • maxretry: This option defines the number of failures a host is allowed before it is banned.
    • findtime: This option is used together with the maxretry option. If a host exceeds the maxretry setting within the time period specified by the findtime option, it is banned for the length of time specified by the bantime option.
  • With fail2ban's global options configured, you are now ready to enable and disable jails for the specific protocols and services you want to protect. By default, fail2ban monitors SSH login attempts (you can search for the [ssh-iptables] section in the jail.local file to view the specific settings for the SSH jail).
  • Save your changes to the jail.local file.
  • To restart the fail2ban service and load the new configuration, type the following command:

service fail2ban restart
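
To see how ignoreip, maxretry and findtime interact, the following Python model (an added example, not fail2ban's own code and not part of the original article) applies them to constructed SSH log lines. The log format, the regular expression and the rule that a ban fires on the maxretry-th failure inside the window are assumptions of this model; hostnames in ignoreip are not handled.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime

# Model settings mirroring the [DEFAULT] options above (values chosen for the example).
IGNOREIP = "127.0.0.1/8 93.184.216.34"
MAXRETRY, FINDTIME = 3, 600  # failures allowed, window in seconds

# Constructed log lines (simplified timestamp format, documentation-range addresses).
SAMPLE_LOG = """\
2024-05-01 10:00:00 sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
2024-05-01 10:00:30 sshd[812]: Failed password for invalid user admin from 198.51.100.9 port 51000 ssh2
2024-05-01 10:01:00 sshd[813]: Failed password for root from 93.184.216.34 port 52001 ssh2
2024-05-01 10:01:05 sshd[814]: Failed password for root from 93.184.216.34 port 52002 ssh2
2024-05-01 10:01:10 sshd[815]: Failed password for root from 93.184.216.34 port 52003 ssh2
2024-05-01 10:02:00 sshd[816]: Failed password for root from 203.0.113.7 port 40113 ssh2
2024-05-01 10:04:00 sshd[817]: Failed password for root from 203.0.113.7 port 40114 ssh2
2024-05-01 10:08:00 sshd[818]: Failed password for invalid user admin from 198.51.100.9 port 51001 ssh2
2024-05-01 10:15:00 sshd[819]: Failed password for invalid user admin from 198.51.100.9 port 51002 ssh2
"""

LINE_RE = re.compile(
    r"^(\S+ \S+) sshd\[\d+\]: Failed password for (?:invalid user )?\S+ from (\S+) port")

def find_bans(log_text, ignoreip=IGNOREIP, maxretry=MAXRETRY, findtime=FINDTIME):
    """Return [(ip, time_of_ban)] for hosts reaching maxretry failures within findtime."""
    # strict=False accepts entries with host bits set, such as 127.0.0.1/8.
    ignored = [ipaddress.ip_network(tok, strict=False) for tok in ignoreip.split()]
    failures = defaultdict(deque)  # per-host timestamps still inside the window
    bans = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        when = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        ip = ipaddress.ip_address(m.group(2))
        if any(ip in net for net in ignored):
            continue  # ignoreip hosts are never counted, however often they fail
        window = failures[ip]
        window.append(when)
        # Drop failures older than findtime so only recent ones count.
        while (when - window[0]).total_seconds() > findtime:
            window.popleft()
        if len(window) >= maxretry:
            bans.append((str(ip), when.strftime("%H:%M:%S")))
            window.clear()
    return bans
```

With the settings shown, only 203.0.113.7 is banned: 93.184.216.34 is listed in ignoreip, and the failures from 198.51.100.9 are spread over more than findtime seconds, so a wider findtime is needed to catch that pattern.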
