Difference between revisions of "Fail2ban"

From Proxmox VE
Jump to navigation Jump to search
Line 4: Line 4:
  
 
<pre>aptitude install fail2ban</pre>
 
<pre>aptitude install fail2ban</pre>
 +
 +
Copy the file /etc/fail2ban/jail.conf to a new file jail.local
 +
 +
<pre>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</pre>
  
 
Add the following string to the end of this file /etc/fail2ban/jail.local :
 
Add the following string to the end of this file /etc/fail2ban/jail.local :

Revision as of 13:51, 18 February 2014

Note: article taken straight from this forum post

Protecting the web interface with fail2ban

aptitude install fail2ban

Copy the file /etc/fail2ban/jail.conf to a new file jail.local

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Add the following string to the end of this file /etc/fail2ban/jail.local :

[proxmox3]
enabled = true
port = https,http,8006
filter = proxmox3
logpath = /var/log/daemon.log
maxretry = 3
bantime = 3600 # 1 hour

Create the file /etc/fail2ban/filter.d/proxmox3.conf :

[Definition]
failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.*
ignoreregex =

You can test your configuration with the command :

fail2ban-regex /var/log/daemon.log /etc/fail2ban/filter.d/proxmox3.conf

Restart fail2ban:

/etc/init.d/fail2ban restart

Links