Protect SSH on CentOS 8 with Fail2Ban

0
0
0

Install Fail2Ban

  1. Enable and install the EPEL repository 
    # yum -y install epel-release
  2. Install Fail2Ban 
    # yum -y install fail2ban
  3. Configure Fail2Ban (See Below)
  4. Enable and start Fail2Ban 
    # systemctl enable fail2ban && systemctl start fail2ban

Configure Fail2Ban

  1. Edit /etc/fail2ban/jail.local 
    # vim /etc/fail2ban/jail.local
  2. Update/append as follows 
    [DEFAULT]
# Ban IP/hosts for 24 hour ( 24h*3600s = 86400s):
bantime = 86400
 
# An ip address/host is banned if it has generated "maxretry" during the last "findtime" seconds.
findtime = 600
maxretry = 3
 
# "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban
# will not ban a host which matches an address in this list. Several addresses
# can be defined using space (and/or comma) separator. For example, add your 
# static IP address that you always use for login such as 103.1.2.3
#ignoreip = 127.0.0.1/8 ::1 103.1.2.3
 
# Call iptables to ban IP address
banaction = iptables-multiport
 
# Enable sshd protection
[sshd]
enabled = true

View Fail2Ban Status

Run the following commands to view banned IPs

# fail2ban-client status
# fail2ban-client status sshd

Was this helpful?

0 / 0

Leave a Reply 0

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.