Install Fail2ban on Centos 7

Date Posted: 13-06-2017

Fail2ban is a service used to ban IP address which makes unsuccessful attempts. In this post, we will explain on how to install fail2ban on centos server.

Implementation:

Fail2ban normally available on epel  repo. Incase if epel package is not installed then install epel package first. Let’s assume that epel package is already installed.

Install fail2ban package using yum.

yum -y install fail2ban

Enable the  service on reboot safe

systemctl enable fail2ban

Open the file /etc/fail2ban/jail.local  and append the below content.

vi /etc/fail2ban/jail.local

[DEFAULT]
# Ban hosts for one hour:
bantime = 3600

# Override /etc/fail2ban/jail.d/00-firewalld.conf:
banaction = iptables-multiport

[sshd]
enabled = true

Start the fail2ban service.

systemctl start fail2ban

To view the fail2ban jail list,

fail2ban-client status

The output of the command will be as below.

Status
|- Number of jail: 1
`- Jail list: sshd

 

Leave a Reply