Difference between revisions of "Fail2ban"

From Proxmox VE
Jump to navigation Jump to search
Line 5: Line 5:
 
<pre>aptitude install fail2ban</pre>
 
<pre>aptitude install fail2ban</pre>
  
Copy the file /etc/fail2ban/jail.conf to a new file jail.local
+
Create, if does not exist, the file jail.local
 
+
(settings in this file takes precedence over identical settings of jail.conf)
<pre>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</pre>
 
  
 
Add the following string to the end of this file /etc/fail2ban/jail.local :
 
Add the following string to the end of this file /etc/fail2ban/jail.local :

Revision as of 09:41, 19 February 2014

Note: article taken straight from this forum post

Protecting the web interface with fail2ban

aptitude install fail2ban

Create, if does not exist, the file jail.local (settings in this file takes precedence over identical settings of jail.conf)

Add the following string to the end of this file /etc/fail2ban/jail.local :

[proxmox3]
enabled = true
port = https,http,8006
filter = proxmox3
logpath = /var/log/daemon.log
maxretry = 3
bantime = 3600 # 1 hour

Create the file /etc/fail2ban/filter.d/proxmox3.conf :

[Definition]
failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.*
ignoreregex =

You can test your configuration with the command :

fail2ban-regex /var/log/daemon.log /etc/fail2ban/filter.d/proxmox3.conf

Restart fail2ban:

/etc/init.d/fail2ban restart

Links