Difference between revisions of "Fail2ban"

From Proxmox VE
Jump to navigation Jump to search
Line 1: Line 1:
tbd.
+
Note: article taken straight from [http://forum.proxmox.com/threads/16156-Fail2ban-for-Proxmox-3-1 this forum post]
 +
 
 +
==Protecting the web interface with fail2ban==
 +
 
 +
<pre>aptitude install fail2ban</pre>
 +
 
 +
Add the following string to the end of this file /etc/fail2ban/jail.local :
 +
 
 +
<pre>
 +
[proxmox3]
 +
enabled = true
 +
port = https,http,8006
 +
filter = proxmox3
 +
logpath = /var/log/daemon.log
 +
maxretry = 3
 +
bantime = 3600 # 1 hour
 +
</pre>
 +
 
 +
Create the file /etc/fail2ban/filter.d/proxmox3.conf :
 +
 
 +
<pre>
 +
[Definition]
 +
failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.*
 +
ignoreregex =
 +
</pre>
 +
 
 +
You can test your configuration with the command :
 +
 
 +
<pre>
 +
fail2ban-regex /var/log/daemon.log /etc/fail2ban/filter.d/proxmox3.conf
 +
</pre>
 +
 
 +
Restart fail2ban:
 +
 
 +
<pre>
 +
/etc/init.d/fail2ban restart
 +
</pre>
  
=Introduction=
 
==Submenu==
 
 
=Links=
 
=Links=
 
* [http://extremeshok.com/blog/?page_id=810 Proxmox VE 2.1 - Harden Network]
 
* [http://extremeshok.com/blog/?page_id=810 Proxmox VE 2.1 - Harden Network]
 
* [http://forum.proxmox.com/threads/3583-How-To-implement-Fail2Ban-on-Host Forum Post]
 
* [http://forum.proxmox.com/threads/3583-How-To-implement-Fail2Ban-on-Host Forum Post]
 +
* [http://forum.proxmox.com/threads/16156-Fail2ban-for-Proxmox-3-1 Forum Post for 3.1]
  
 
[[Category: HOWTO]]
 
[[Category: HOWTO]]

Revision as of 13:31, 18 February 2014

Note: article taken straight from this forum post

Protecting the web interface with fail2ban

aptitude install fail2ban

Add the following string to the end of this file /etc/fail2ban/jail.local :

[proxmox3]
enabled = true
port = https,http,8006
filter = proxmox3
logpath = /var/log/daemon.log
maxretry = 3
bantime = 3600 # 1 hour

Create the file /etc/fail2ban/filter.d/proxmox3.conf :

[Definition]
failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.*
ignoreregex =

You can test your configuration with the command :

fail2ban-regex /var/log/daemon.log /etc/fail2ban/filter.d/proxmox3.conf

Restart fail2ban:

/etc/init.d/fail2ban restart

Links