Fail2ban installation in Ubuntu 22.04
Fail2Ban is an application, Fail2Ban is an application / Linux / Fail2Ban is an application, Fail2Ban is an application (Fail2Ban is an application). Fail2Ban is an application, Fail2Ban is an application. Fail2Ban is an application.
Fail2Ban is an application (for example,. ssh, Fail2Ban is an application, Fail2Ban is an application, Fail2Ban is an application…), then blocks the attacker's IP address using iptables rules or by adding an entry to the /etc/hosts.deny file
To install, first run the terminal and update the system repository.
issue the command:
1 | sudo apt update |
The next step is installation:
1 | sudo apt install fail2ban -y |
We run Fail2ban in the system:
1 | sudo systemctl enable fail2ban |
1 | sudo systemctl start fail2ban |
We make the initial configuration.
We transfer the configuration file:
1 | sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local |
We edit the configuration file:
1 | sudo nano /etc/fail2ban/jail.local |
First off, comment on the ignoreip option and add your IP address. All IP addresses in the ignoreip option will not be blocked by Fail2ban.
1 | ignoreip = 127.0.0.1/8 ::1 192.168.1.0/24 192.168.10.20 |
We set the lock length settings in this section:
1 2 3 | bantime = 1d findtime = 10m maxretry = 5 |
If we want to receive e-mail notifications about blockades, we configure this section:
1 2 3 | action = %(action_mw)s destemail = admin@domena.pl sender = root@domena.pl |
we replace the e-mail address with your address.
Below is the first rule to block incorrect logins to ssh
1 2 3 4 5 6 7 8 9 | [sshd] enabled = true maxretry = 3 findtime = 1d bantime = 1w port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s |
We restart the service:
1 | sudo systemctl restart fail2ban |
