How to Install Fail2Ban on CentOS 8 & Fedora 30/29

Step 1 – Install Fail2ban on CentOS 8

First of all, install epel-release package to configure EPEL yum repository on your CentOS 8 system. After that, install the Fail2ban rpm package using the following commands.

sudo dnf install epel-release
sudo dnf install fail2ban

Step 2 – Configure Fail2ban

Fail2ban keeps configuration files under /etc/fail2ban directory. but we need to create a copy of this file as jail.local.

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo vi /etc/fail2ban/jail.local 

Now we need to make necessary changes in jail.local file to create ban rules. Edit this file in your favorite editor and make changes in [DEFAULT] section.

 

 

Step 3 – Protect SSH/SFTP

After completing default configuration, go down in the same file jail.local and update [ssh-iptables] section as below.

[ssh-iptables]

enabled  = true
filter   = sshd
action   = iptables[name=SSH, port=22, protocol=tcp]
           sendmail-whois[name=SSH, dest=root, [email protected], sendername="Fail2Ban"]
logpath  = /var/log/secure
maxretry = 3

Step 4 – Protect FTP

Let’s protect your FTP (vsFTPd) server, Find the below entry of [vsftpd-iptables] section and make changes as below. If you are not using vsFTPd, you can skip this section.

[vsftpd-iptables]

enabled  = true
filter   = vsftpd
action   = iptables[name=VSFTPD, port=21, protocol=tcp]
           sendmail-whois[name=VSFTPD, [email protected]]
logpath  = /var/log/vsftpd.log
maxretry = 5
bantime  = 1800

Step 5 – Restart Service and Test

After making all the changes save your file and restart Fail2ban service using the following command.

sudo systemctl start fail2ban.service
sudo systemctl enable fail2ban.service

For testing purposes, I have tried SSH with the wrong credentials from a different machine. After three wrong attempts, Fail2ban blocked that IP via iptables with reject ICMP. You can see the rules in iptables after blocking the IP address as below. For SSH only systems, make sure to have SSH access from another IP before making these tests.

Was this answer helpful?

Related Articles

How to Enable CSF Firewall Web UI

Step 1 – Install Required Perl Modules: CSF UI required some of Perl modules to be installed...

How to Install and Configure CSF Firewall on Linux

Step 1: Download CSF Source Archive Download latest CSF archive source code from its official...

How To Install mod_cloudflare for Apache on Ubuntu

Install mod_cloudflare for Apache First of all, enable the PPA of Cloudflare module to your...

How To Install Wine 4.0 on CentOS 8 & Fedora 30/29

Step 1 – Prerequisite First of all, become root user on your CentOS 8 system. Then continue to...

How To Install MariaDB on Debian 10 (Buster)

Step 1 – Prerequsiteis You can find the MariaDB Apt configuration file from the official...