Installing and Configuring Fail2Ban for CentOS

Fail2Ban is an application that prevents dictionary attacks on your server. When Fail2Ban detects multiple failed login attempts from the same IP address, it creates temporary firewall rules that block traffic from the attacker’s IP address. Attempted logins can be monitored on a variety of protocols, including SSH, HTTP, and SMTP. By default, Fail2Ban monitors SSH only.

Install Fail2Ban by entering the following command:

sudo yum install epel-release
sudo yum install fail2ban

Optionally, you can override the default Fail2Ban configuration by creating a new

jail.local file.

Enter the following command to create the file:

sudo nano /etc/fail2ban/jail.local

Set the bantime variable to specify how long (in seconds) bans should last.

Set the maxretry variable to specify the default number of tries a connection may be attempted before an attacker’s IP address is banned.

Press Control-x and then press y to save the changes to the Fail2Ban configuration file.

Restart Fail2Ban by using sudo service fail2ban restart.

Fail2Ban is now installed and running on your Server. It will monitor your log files for failed login attempts. After an IP address has exceeded the maximum number of authentication attempts, it will be blocked at the network level and the event will be logged in

/var/log/fail2ban.log.
  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

FFMPEG install on CentOS

How to install FFMPEG and FFMPEG-PHP install on CentOS 5.X To install FFMPEG please follow the...

How to set hostname on Centos 6?

In order to permanently set hostname on Centos 6 VPS you neew to run # nano...

How to change hostname on CentOS permanently

If you are installing LAMP on a new server and ran into the following issue with httpd during the...

CentOS: Start custom script automatically after network startup

Find the ifup-post under /etc/sysconfig/network-scripts. This scipt is called right after any...

Change hostname in CentOS

How to Change Hostname - CentOSThis KB helps user to change hostname on CentOS. By default your...