Difference between revisions of "Fail2ban"
Jump to navigation
Jump to search
| Line 4: | Line 4: | ||
<pre>aptitude install fail2ban</pre> | <pre>aptitude install fail2ban</pre> | ||
| + | |||
| + | Copy the file /etc/fail2ban/jail.conf to a new file jail.local | ||
| + | |||
| + | <pre>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</pre> | ||
Add the following string to the end of this file /etc/fail2ban/jail.local : | Add the following string to the end of this file /etc/fail2ban/jail.local : | ||
Revision as of 12:51, 18 February 2014
Note: article taken straight from this forum post
Protecting the web interface with fail2ban
aptitude install fail2ban
Copy the file /etc/fail2ban/jail.conf to a new file jail.local
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
Add the following string to the end of this file /etc/fail2ban/jail.local :
[proxmox3] enabled = true port = https,http,8006 filter = proxmox3 logpath = /var/log/daemon.log maxretry = 3 bantime = 3600 # 1 hour
Create the file /etc/fail2ban/filter.d/proxmox3.conf :
[Definition] failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.* ignoreregex =
You can test your configuration with the command :
fail2ban-regex /var/log/daemon.log /etc/fail2ban/filter.d/proxmox3.conf
Restart fail2ban:
/etc/init.d/fail2ban restart