Add fail2ban installation for security enhancement
joglomedia opened this issue · comments
Introduction
Fail2ban is a log-parsing application that monitors system logs for symptoms of an automated attack on your server. When an attempted compromise is located, using the defined parameters, Fail2ban will add a new rule to iptables to block the IP address of the attacker, either for a set amount of time or permanently. Fail2ban can also alert you through email that an attack is occurring.
Installation
Sampel installation on Ubuntu instance
https://www.linode.com/docs/security/using-fail2ban-for-security/
apt-get update && apt-get upgrade -y
apt-get install fail2ban
optional
apt-get install sendmail
Fail2ban Configuration
Sampel configuration for /etc/fail2ban/jail.local
backend = systemd
[sshd]
enabled = true
port = 2269
filter = sshd
logpath = /var/log/auth.log
maxretry = 6