Bobcares

wesupport

CLIENT AREACall Us 1-800-383-5193
Bobcares

wesupport

Call Us 1-800-383-5193
Bobcares

wesupport

Call Us 1-800-383-5193

Need help?

Our experts have had an average response time of 13.52 minutes in October 2021 to fix urgent issues.

We will keep your servers stable, secure, and fast at all times for one fixed price.

How to install fail2ban on CentOS

by | Sep 20, 2021

Looking for how to install fail2ban on CentOS? We can help you with this!

As part of our Server Management Services, we assist our customers with several CentOS queries.

Today, let us see how our support techs help our customers to install fail2ban on CentOS.

 

Install fail2ban on CentOS

 

Fail2ban is open-source software that actively scans the server’s log files in real-time for any brute force login attempts, and if found, it blocks the attack using the server’s firewall software.

In order to install Fail2Ban on CentOS, we first need to install EPEL before installing Fail2ban. The EPEL repository contains extra Packages for Enterprise Linux.

sudo yum install epel-release

sudo yum install fail2ban

After that, we need to configure and adjust the software with an updated jail.local configuration file.

First, we will make a copy of the “jail.conf” file to make a local configuration with this command.

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Then, we will need to edit the jail.local file in Vi using the following command. For example,

sudo vi /etc/fail2ban/jail.local
[DEFAULT]
ignoreip = 127.0.0.1/8 ::1
bantime = 5m
findtime = 5m
maxretry = 7

Here, for ignoreip, which allows us to exclude certain IP addresses from being banned. For bantime, determines how long an offending host will remain blocked until automatically unblocked. For findtime and maxretry, the find time sets the time window for the max retry attempts before the host IP attempting to connect is the blocked.

After completing the basic configurations, we need to check the different jails available in the configuration options.

For SSH jail settings, we can find at the top of the jails list, are disabled by default. We should turn them on by adding enabled = true in the SSH jail section.

[sshd]
enabled = true

After enabling all the jails we wish, save the configuration file. Then we will need to restart the monitor with the following command.

sudo systemctl restart fail2ban

Now we should check the iptable rules for the newly added jail sections on each of the application modules you enabled.

sudo iptables -L

All the banned IP addresses will appear in the specific chains that the failed login attempts occurred at. Using the following commands, we can also manually ban and unban IP addresses from the services defined by jails.

sudo fail2ban-client set <jail> banip/unbanip <ip address>

For example,

sudo fail2ban-client set sshd unbanip 81.136.253.41

[Need further assistance? Contact us now]
 

Conclusion

 
In short, today we discussed how our Support Techs helps our customers to install fail2ban on CentOS.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Reviews

Categories

Tags