1. 首页
    2. Warning: Undefined array key 0 in /var/www/html/wp-content/themes/Kratos/single.php on line 30 Warning: Attempt to read property "term_id" on null in /var/www/html/wp-content/themes/Kratos/single.php on line 30 Warning: Undefined property: WP_Error::$term_id in /var/www/html/wp-content/themes/Kratos/single.php on line 35 Warning: Undefined property: WP_Error::$name in /var/www/html/wp-content/themes/Kratos/single.php on line 37 Warning: Undefined property: WP_Error::$parent in /var/www/html/wp-content/themes/Kratos/single.php on line 38
  3. 正文

How to Use Fail2ban to Prevent Brute Force Attacks

2023年5月12日 2点热度 0人点赞 0条评论
内容目录

Fail2ban is a tool used to prevent brute force attacks by monitoring log files and blocking IP addresses when malicious behavior is detected. Here are the basic usage instructions for Fail2ban:

  1. Install Fail2ban:

    For Debian/Ubuntu systems, use the following commands to install:

    sudo apt-get update  
sudo apt-get install fail2ban

    For CentOS/RHEL systems, use the following commands to install:

    sudo yum install epel-release  
sudo yum install fail2ban

  2. Configure Fail2ban:

The configuration files for Fail2ban are located in the /etc/fail2ban/ directory. First, copy the default configuration file jail.conf to create a new file named jail.local:

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Use a text editor to edit the newly created jail.local file:

sudo nano /etc/fail2ban/jail.local

In this file, you can configure the following as needed:

  • ignoreip: Set IP addresses that Fail2ban will not monitor.
  • bantime: Set the ban time (in seconds), default is 600 seconds (10 minutes).
  • findtime: Set the maximum number of failures that will trigger a ban within this time period (in seconds), default is 600 seconds (10 minutes).
  • maxretry: Set the maximum number of allowed failures; exceeding this will trigger a ban, default is 5 attempts.

You can also configure different services (such as SSH, Apache, Nginx, etc.) individually. In the corresponding service section, set enabled to true, and adjust other parameters as needed.

  1. Start and enable Fail2ban:

    For Debian/Ubuntu systems, use the following commands to start and enable Fail2ban:

    sudo systemctl start fail2ban  
sudo systemctl enable fail2ban

    For CentOS/RHEL systems, use the following commands to start and enable Fail2ban:

    sudo systemctl start fail2ban  
sudo systemctl enable fail2ban

  2. View and manage Fail2ban:

Use the following command to view the status of Fail2ban:

sudo fail2ban-client status

To check the status of a specific service (such as SSH), use the following command:

sudo fail2ban-client status sshd

To unban an IP address, use the following command:

sudo fail2ban-client set sshd unbanip <IP_ADDRESS>

These are the basic usage instructions for Fail2ban. You can further configure and optimize Fail2ban settings according to your actual needs.

本作品采用 知识共享署名-非商业性使用-相同方式共享 4.0 国际许可协议 进行许可
标签: 暂无
最后更新:2023年5月12日

痴者工良

高级程序员劝退师

文章评论

razz evil exclaim smile redface biggrin eek confused idea lol mad twisted rolleyes wink cool arrow neutral cry mrgreen drooling persevering

COPYRIGHT © 2024 whuanle.cn. ALL RIGHTS RESERVED.

Theme Kratos Made By Seaton Jiang

粤ICP备18051778号

粤公网安备 44030902003257号