How to install Fail2Ban and protect your SSH on CentOS

Cort Ammon

Cort Ammon

Member
Registered
Joined
Jul 8, 2016
Messages
48
Points
8
Fail2ban is a background application monitoring log file to detect the wrong IP address logged SSH password multiple times. Fail2ban uses iptables firewall rules to block IP addresses immediately with a predetermined time period.

Install fail2ban

We will install fail2ban through Repo EPEL

Code: 
yum install EPEL-release
yum install fail2ban

Configuring fail2ban

After installation is complete, you open up fail2ban configuration files will see a number of parameters are as follows:

Code: 
nano /etc/fail2ban/jail.conf
[DEFAULT]

#
# MISCELLANEOUS OPTIONS
#

# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
# ban a host which matches an address in this list. Several addresses can be
# defined using space separator.
ignoreip = 127.0.0.1/8

# External command that will take an tagged arguments to ignore, e.g. <ip>,
# and return true if the IP is to be ignored. False otherwise.
#
# ignorecommand = /path/to/command <ip>
ignorecommand =

# "bantime" is the number of seconds that a host is banned.
bantime = 600

# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
findtime = 600

# "maxretry" is the number of failures before a host get banned.
Click to expand...
Explanation:

ignoreip: do not block these addresses
bantime: interval (seconds) IP block
findtime: interval (seconds) a login to successful IP
maxretry: the maximum number of login false
Click to expand...
The default configuration is quite good, we do not need to change more on these configurations


Restart Service Fail2Ban

Code: 
chkconfig --level 23 fail2ban on
service fail2ban start
Finally check to see if the rule of iptables fail2ban exists or not

Code: 
iptables -L
To view the IP has been banned by fail2ban you use the command:

Code: 
fail2ban-client status ssh-iptables
To delete the IP from the list of banned, you use the following command

Code: 
fail2ban-client set ssh-iptables unbanip YOUR_IP_ADDRESS
Replace YOUR_IP_ADDRESS to the IP you want to unban.

For more info, you can visit fail2ban here.
 
You must log in or register to reply here.
Older Threads
T
What pricing page layout do you prefer?
Replies
4
Views
3,018
Luxin Host
edisonvpb
Second Chapter-basic command of Linux through SSH
Replies
0
Views
2,352
edisonvpb
FerdieQO
How to install and secure phpMyAdmin on Ubuntu 12.04
Replies
5
Views
4,290
VirtuBox
Cort Ammon
Tips to install vsftpd on CentOS 6
Replies
2
Views
3,479
Luxin Host
HostColor
Europe Cloud Servers: HIGH AVAILABILITY - 1GB RAM - 1 CPU Core - €20/mo
Replies
0
Views
16,557
HostColor
Newer Threads
ExpertHosters
OFFER Fully Managed Dedicated Server | 20% OFF | ExpertHosters.com
Replies
0
Views
1,578
ExpertHosters
pablohunt2812
Say hi to every one
Replies
8
Views
3,106
Mujkanovic
Kaz Wolfe
CPanel gets error when using Cloudflare?
Replies
5
Views
3,620
Vishnu
N
Any reliable cloud hosting provider which is worth for money?
Replies
8
Views
4,793
jamilaliahmed
Aaron Lavers
How much time do you spend at your hosting company?
Replies
4
Views
2,637
TurnKey Internet
Latest Threads
cancan
Save an incredible 90% off! The Best HostPapa Deal so Far: Unlimited SSL, 50 GB NVMe, 24/7 support
Replies
0
Views
27
cancan
M
How to Choose the Best Web Hosting Provider for a New Website ??
Replies
0
Views
28
marcellosallas
J
Jtti: What are some common misconceptions about firewall rules?
Replies
0
Views
123
jtti
Mvv758
Hello
Replies
1
Views
79
AlbaHost
D
Help Needed with Setting Up Cloudflare R2 for Object Storage
Replies
0
Views
99
dilshanking
Recommended Threads
Marc0
What makes a good Pin on Pinterest?
Replies
8
Views
3,486
Ola Rybacka
bgpgrid
Get a free year on our Global Wireguard VPN network!
Replies
0
Views
783
bgpgrid
miken
Open source web hosting control panel?
Replies
11
Views
3,938
hostens
Michele D.
Need Best Tips TO Earn Money From CPA Networkds
Replies
1
Views
2,170
Vance Lobo
sallysaleh
How to see where your website and keyword is ranked on google
Replies
2
Views
2,868
sallysaleh
Similar Threads
AlpineHost
Struggling to install SpamAssassin in Plesk
Replies
4
Views
921
AlpineHost
Josie Peterson
How to uninstall SSL certificate?
Replies
1
Views
849
Dr. McKay
Dr. McKay
How to install Memcached on Plesk hosting control panel?
Replies
2
Views
2,258
Mujkanovic
S
How to install WordPress on localhost??
Replies
3
Views
1,234
Shivani Kashyap
Moebuntu
How to install Fail2ban on Plesk Onyx
Replies
10
Views
11,265
Dr. McKay

Latest postsNew threads

Latest Hosting OffersNew Reviews

Popular Contributors - Past 30 Days

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
  • cpanel
  • dedicated
  • free
  • hello
  • hosting
  • hosting services
  • marketing
  • offers
  • seo
  • server
  • services
  • vps
  • web
  • web hosting
  • website
  • wordpress
    • Top