Skip to content

Fail2Ban

Jump to bottom
Admin0705 edited this page May 17, 2018 · 26 revisions

CLICKING the STAR in the UPPER RIGHT promotes our PROJECT on GITHUB!

These are some settings found to perform a BanHammer on those who want to hack into your server via SSH.

Reference : https://nerdily.org/2017/upgrading-fail2ban-to-a-permanent-banhammer/

On a fresh server if you wait an hour or so, this will show you a list of IP's that have been trying to access your server :-

sudo cat /var/log/fail2ban.log

Make copy of jail

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Edit jail.local

sudo nano /etc/fail2ban/jail.local

Change host bantime from 600 to -1 for infinity (normally found around line 59)

bantime = -1

Then edit iptables

sudo nano /etc/fail2ban/action.d/iptables-multiport.conf

Find :-

actionstart = <iptables> -N f2b-<name>
              <iptables> -A f2b-<name> -j <returntype>
              <iptables> -I <chain> -p <protocol> -m multiport --dports <port> -j f2b-<name>

Underneath add :-

     cat /etc/fail2ban/persistent.bans | awk '/^fail2ban-<name>/ {print $2}' \
     | while read IP; do iptables -I fail2ban-<name> 1 -s $IP -j <blocktype>; done

Find :-

actionban = <iptables> -I f2b-<name> 1 -s <ip> -j <blocktype>

Underneath add :-

     echo "fail2ban-<name> <ip>" >> /etc/fail2ban/persistent.bans

Finally restart Fail2Ban

sudo service fail2ban restart

Home - https://plexguide.com

Installing PlexGuide

  1. PlexGuide Install Information

Preplanning & Information

  1. PG Folder Structure

Domain and Port Control

  1. CloudFlare Tunnel

Primary Applications

  1. Plex

Useful Links

  1. PG YouTube Channel
Clone this wiki locally