Difference between revisions of "Fail2ban"
Jump to navigation
Jump to search
m |
|||
| Line 1: | Line 1: | ||
Note: article taken straight from [http://forum.proxmox.com/threads/16156-Fail2ban-for-Proxmox-3-1 this forum post] | Note: article taken straight from [http://forum.proxmox.com/threads/16156-Fail2ban-for-Proxmox-3-1 this forum post] | ||
| − | ==Protecting the web interface with fail2ban== | + | == Protecting the web interface with fail2ban == |
<pre>aptitude install fail2ban</pre> | <pre>aptitude install fail2ban</pre> | ||
| Line 41: | Line 41: | ||
</pre> | </pre> | ||
| − | =Links= | + | == Links == |
* [http://extremeshok.com/blog/?page_id=810 Proxmox VE 2.1 - Harden Network] | * [http://extremeshok.com/blog/?page_id=810 Proxmox VE 2.1 - Harden Network] | ||
* [http://forum.proxmox.com/threads/3583-How-To-implement-Fail2Ban-on-Host Forum Post] | * [http://forum.proxmox.com/threads/3583-How-To-implement-Fail2Ban-on-Host Forum Post] | ||
Revision as of 19:42, 26 October 2015
Note: article taken straight from this forum post
Protecting the web interface with fail2ban
aptitude install fail2ban
Create, if does not exist, the file jail.local (settings in this file takes precedence over identical settings of jail.conf. Use jail.conf as a template, copying and enabling into jail.local what you are interested in. Note that jail.conf could be overwritten by fail2ban package updates, jail.local will not)
Add the following string to the end of this file /etc/fail2ban/jail.local :
[proxmox3] enabled = true port = https,http,8006 filter = proxmox3 logpath = /var/log/daemon.log maxretry = 3 bantime = 3600 # 1 hour
Create the file /etc/fail2ban/filter.d/proxmox3.conf :
[Definition] failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.* ignoreregex =
You can test your configuration with the command :
fail2ban-regex /var/log/daemon.log /etc/fail2ban/filter.d/proxmox3.conf
Restart fail2ban:
/etc/init.d/fail2ban restart