Fail2ban

From Proxmox VE
Revision as of 12:51, 18 February 2014 by M ardito (talk | contribs)
Jump to navigation Jump to search

Note: article taken straight from this forum post

Protecting the web interface with fail2ban

aptitude install fail2ban

Copy the file /etc/fail2ban/jail.conf to a new file jail.local

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Add the following string to the end of this file /etc/fail2ban/jail.local :

[proxmox3]
enabled = true
port = https,http,8006
filter = proxmox3
logpath = /var/log/daemon.log
maxretry = 3
bantime = 3600 # 1 hour

Create the file /etc/fail2ban/filter.d/proxmox3.conf :

[Definition]
failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.*
ignoreregex =

You can test your configuration with the command :

fail2ban-regex /var/log/daemon.log /etc/fail2ban/filter.d/proxmox3.conf

Restart fail2ban:

/etc/init.d/fail2ban restart

Links