How to install and configure fail2ban on CentOS 7

Posted on

Fail2ban is available through the EPEL project. So it needs to be installed first.

Install

sudo yum install epel-release
sudo yum install fail2ban
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
sudo systemctl status fail2ban

Configure

Configuration files is located in the /etc/fail2ban directory. Leave the jail.conf as default and create your own config file called /etc/fail2ban/jail.d/jail.local. The values defined in jail.local will take precedent over jail.conf. 

sudo touch /etc/fail2ban/jail.d/jail.local
sudo vim /etc/fail2ban/jail.d/jail.local

add the content to it as needed. below is a sample content

[DEFAULT]
# Ban hosts for one hour:
bantime = 3600

# Override /etc/fail2ban/jail.d/00-firewalld.conf:
banaction = iptables-multiport

[sshd]
enabled = true

[nginx-http-auth]
enabled = true
sudo systemctl restart fail2ban
sudo systemctl status fail2ban

Monitor

sudo fail2ban-client status
sudo fail2ban-client status jail_name
sudo tail -F /var/log/fail2ban.log
, ,
Saeed

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.