Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email, or ejecting CD-ROM tray) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, curier, ssh, etc). For more info refer to the official web site
How to install Fail2ban. Enable Epel repository first:
Enable the remi repository.
Open the file /etc/yum.repos.d/remi.repo and set enable=1 in remi section of the file.
Now install Fail2ban:
Set Fail2ban to start at boot
Copy config file to keep the original backup.
Now we have a working config file /etc/fail2ban/jail.local, configure it according to your needs.
Now you have working Fail2ban server. To display banned hosts, enter:
To unlock IP, enter
Was this answer helpful?
We describe how to install Oracle 11g Express on Centos 6 x86_64 Openvz VPS. First of all you...
IN PROGRESS! this guide was gathered from official asteriks wikies...
Following guide was tested on CentOS 6. Install epel repository: wget...
How to generate and use public / private ssh keys This guide is tested on Centos 6 To...
If you want to redirect/nat some traffic to IP 22.214.171.124 via IP 126.96.36.199, it simply can be done...