We're here to assist with any of your needs, don't hestitate to reach out.
Fail2Ban is an application that provides protection against malicious attacks on your server by monitoring log files and automatically banning IP addresses that show signs of suspicious activity.
To begin, make sure your system is up to date by running the following commands:
$ sudo yum update $ sudo reboot
Install Fail2Ban using the following command:
$ sudo yum install epel-release $ sudo yum install fail2ban
Edit the main configuration file using the command:
$ sudo nano /etc/fail2ban/jail.conf
Specify the IP address or CIDR range of your server in the "ignoreip" section to prevent it from being banned accidentally.
Next, you can customize various options such as ban time, maximum number of failed attempts, etc. as per your requirement.
Start the Fail2Ban service and enable it to start automatically on boot:
$ sudo systemctl start fail2ban $ sudo systemctl enable fail2ban
You can check the status of Fail2Ban using the command:
$ sudo fail2ban-client status
Fail2Ban comes with some predefined filters for services like SSH, Apache, etc. You can enable/disable these filters according to your needs.
For example, to enable SSH protection, create a symlink for the SSH jail configuration file:
$ sudo ln -s /etc/fail2ban/jail.d/sshd.conf /etc/fail2ban/jail.local
Reload Fail2Ban for the changes to take effect:
$ sudo systemctl restart fail2ban
To view the list of banned IP addresses, use the command:
$ sudo fail2ban-client status [jail name]
Congratulations! You have successfully installed and configured Fail2Ban on your CentOS 7 server. It will now actively monitor your log files and protect your server against malicious activities.
What our customers say about us
Create your free account today.