{"id":4566,"date":"2022-08-23T16:45:00","date_gmt":"2022-08-23T21:45:00","guid":{"rendered":"https:\/\/www.incredigeek.com\/home\/?p=4566"},"modified":"2022-08-23T15:58:33","modified_gmt":"2022-08-23T20:58:33","slug":"install-and-configure-fail2ban-on-fedora-centos-redhat","status":"publish","type":"post","link":"https:\/\/www.incredigeek.com\/home\/install-and-configure-fail2ban-on-fedora-centos-redhat\/","title":{"rendered":"Install and Configure Fail2ban on Fedora\/CentOS\/RedHat"},"content":{"rendered":"\n<p>The following is a very basic guide for setting up Fail2ban for SSH.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Install and basic config<\/h2>\n\n\n\n<p>Install Fail2ban<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">sudo dnf install fail2ban<\/pre>\n\n\n\n<p>You may need to install the epel repo<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">sudo yum install epel-release<\/pre>\n\n\n\n<p>Configure to run on system boot<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">sudo systemctl enable fail2ban<\/pre>\n\n\n\n<p>Start Fail2ban service<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">sudo systemctl start fail2ban<\/pre>\n\n\n\n<p>Copy config file with<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">sudo cp \/etc\/fail2ban\/jail.conf \/etc\/fail2ban\/jail.local<\/pre>\n\n\n\n<p>Modify the config file<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">nano \/etc\/fail2ban\/jail.local<\/pre>\n\n\n\n<p>Uncomment the following line and add any IPs that need to be whitelisted<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">ignoreip = 127.0.0.1\/8 ::1 192.168.1.20<\/pre>\n\n\n\n<p>Save the file and restart Fail2Ban<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">sudo systemctl restart fail2ban<\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">Configuring Fail2Ban for SSH<\/h2>\n\n\n\n<p>Create a new jail file in \/etc\/fail2ban\/jail.d\/ called sshd.local<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">nano \/etc\/fail2ban\/fail.d\/sshd.local<\/pre>\n\n\n\n<p>Add the following.  <em>Note: if you are using a custom ssh port, change &#8220;port = ssh&#8221; to &#8220;port = portnumber&#8221;<\/em><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">[sshd]\nenabled = true\nport = ssh\naction = iptables-multiport\nlogpath = \/var\/log\/secure\nmaxretry = 5\nbantime = 300<\/pre>\n\n\n\n<p>Restart Fail2ban<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">sudo systemctl restart Fail2ban<\/pre>\n\n\n\n<p>You can list the firewall rules to verify that an IP gets banned.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">iptables -S | grep ipaddress<\/pre>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Unbanning an IP Address<\/h2>\n\n\n\n<p>You can unban an IP address with the following command.  <\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">sudo fail2ban-client set sshd unbanip 192.168.1.100<\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p>You can check out the following link for more information<\/p>\n\n\n\n<p><a href=\"https:\/\/www.redhat.com\/sysadmin\/protect-systems-fail2ban\">https:\/\/www.redhat.com\/sysadmin\/protect-systems-fail2ban<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The following is a very basic guide for setting up Fail2ban for SSH. Install and basic config Install Fail2ban sudo dnf install fail2ban You may need to install the epel repo sudo yum install epel-release Configure to run on system &hellip; <a href=\"https:\/\/www.incredigeek.com\/home\/install-and-configure-fail2ban-on-fedora-centos-redhat\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,573],"tags":[1336,1335,15,7,221,294],"class_list":["post-4566","post","type-post","status-publish","format-standard","hentry","category-linux","category-security","tag-f2b","tag-fail2ban","tag-iptables","tag-linux-2","tag-ssh","tag-sshd"],"_links":{"self":[{"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/posts\/4566","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/comments?post=4566"}],"version-history":[{"count":2,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/posts\/4566\/revisions"}],"predecessor-version":[{"id":4568,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/posts\/4566\/revisions\/4568"}],"wp:attachment":[{"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/media?parent=4566"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/categories?post=4566"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/tags?post=4566"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}