Difference between revisions of "Fail2ban"
Jump to navigation
Jump to search
(→Links) |
|||
Line 1: | Line 1: | ||
− | + | Note: article taken straight from [http://forum.proxmox.com/threads/16156-Fail2ban-for-Proxmox-3-1 this forum post] | |
+ | |||
+ | ==Protecting the web interface with fail2ban== | ||
+ | |||
+ | <pre>aptitude install fail2ban</pre> | ||
+ | |||
+ | Add the following string to the end of this file /etc/fail2ban/jail.local : | ||
+ | |||
+ | <pre> | ||
+ | [proxmox3] | ||
+ | enabled = true | ||
+ | port = https,http,8006 | ||
+ | filter = proxmox3 | ||
+ | logpath = /var/log/daemon.log | ||
+ | maxretry = 3 | ||
+ | bantime = 3600 # 1 hour | ||
+ | </pre> | ||
+ | |||
+ | Create the file /etc/fail2ban/filter.d/proxmox3.conf : | ||
+ | |||
+ | <pre> | ||
+ | [Definition] | ||
+ | failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.* | ||
+ | ignoreregex = | ||
+ | </pre> | ||
+ | |||
+ | You can test your configuration with the command : | ||
+ | |||
+ | <pre> | ||
+ | fail2ban-regex /var/log/daemon.log /etc/fail2ban/filter.d/proxmox3.conf | ||
+ | </pre> | ||
+ | |||
+ | Restart fail2ban: | ||
+ | |||
+ | <pre> | ||
+ | /etc/init.d/fail2ban restart | ||
+ | </pre> | ||
− | |||
− | |||
=Links= | =Links= | ||
* [http://extremeshok.com/blog/?page_id=810 Proxmox VE 2.1 - Harden Network] | * [http://extremeshok.com/blog/?page_id=810 Proxmox VE 2.1 - Harden Network] | ||
* [http://forum.proxmox.com/threads/3583-How-To-implement-Fail2Ban-on-Host Forum Post] | * [http://forum.proxmox.com/threads/3583-How-To-implement-Fail2Ban-on-Host Forum Post] | ||
+ | * [http://forum.proxmox.com/threads/16156-Fail2ban-for-Proxmox-3-1 Forum Post for 3.1] | ||
[[Category: HOWTO]] | [[Category: HOWTO]] |
Revision as of 12:31, 18 February 2014
Note: article taken straight from this forum post
Protecting the web interface with fail2ban
aptitude install fail2ban
Add the following string to the end of this file /etc/fail2ban/jail.local :
[proxmox3] enabled = true port = https,http,8006 filter = proxmox3 logpath = /var/log/daemon.log maxretry = 3 bantime = 3600 # 1 hour
Create the file /etc/fail2ban/filter.d/proxmox3.conf :
[Definition] failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.* ignoreregex =
You can test your configuration with the command :
fail2ban-regex /var/log/daemon.log /etc/fail2ban/filter.d/proxmox3.conf
Restart fail2ban:
/etc/init.d/fail2ban restart