How to install Fail2Ban?

Back

 Log in to your server

Log in to mCloud portal, open the main page of your server and then follow these steps:

  1. Click Console.
  2. Enter your username: "root".
  3. Enter your password (to see your password, click Show under Root password).

Install EPEL

While Fail2ban is not available in the official CentOS package repository, it is packaged for the EPEL project. EPEL, standing for Extra Packages for Enterprise Linux, can be installed with a release package that is available from CentOS:

sudo yum install epel-release

Instali Fail2ban

After installing EPEL, issue the following command to install Fail2ban:

yum install fail2ban

Once it's installed, enable it using:

systemctl enable fail2ban

Basic configuration

The configuration file for Fail2ban resides in the /etc/fail2ban folder. This folder also contains the configuration file with default settings named jail.conf. Considering the fact that this faile can be overwritten with each future upgrade, it is recomended that you leave this file untouched and create a new file instead called jail.local..

All settings which are defined in the jail.local file wll automatically overwrite everything in the jail.conf file. Open the new file using nano (or any other text editor of your choice):

nano /etc/fail2ban/jail.local 

Enter the following:

[DEFAULT]

# Ban hosts for one hour:
bantime = 3600

# Override /etc/fail2ban/jail.d/00-firewalld.conf:
banaction = iptables-multiport

[sshd] enabled = true

This overrides three settings: It sets a new default bantime for all services, makes sure we're using iptables for firewall configuration, and enables the sshd jail. Next, restart FAil2ban, using:

systemctl restart fail2ban

To check if the service si running, issue the following command:

fail2ban-client status