here is a workflow to install fail2ban with a basic ruleset in a new debian server<\/p>\n\n\n\n
# install dependency\napt-get install -y rsyslog\n# install fail2ban\napt-get install -y fail2ban\n\n# enable the service\nsystemctl enable fail2ban\n\n# Copy an existing configuration to a backup-file\ncp \/etc\/fail2ban\/jail.local \/etc\/fail2ban\/jail.local.$(date +%Y%m%d%H%M).bak\n\n# overwrite an existing configuration if existing and edit it using nano\necho \"\" > \/etc\/fail2ban\/jail.local && nano \/etc\/fail2ban\/jail.local<\/code><\/pre>\n\n\n\nNow copy the following template<\/p>\n\n\n\n
[DEFAULT]\nbanaction = iptables-multiport\nbanaction_allports = iptables-allports\n# \"bantime.increment\" allows to use database for searching of previously banned ip's to increase a \nbantime.increment = true\n\n# \"bantime.rndtime\" is the max number of seconds using for mixing with random time \nbantime.rndtime = 5\n\n# \"bantime.maxtime\" is the max number of seconds using the ban time can reach (doesn't grow further)\nbantime.maxtime = 3600\n\n# \"bantime.multipliers\" used to calculate next value of ban time instead of formula, corresponding\n# previously ban count and given \"bantime.factor\" (for multipliers default is 1);\nbantime.multipliers = 1 2 4 8 16 32 64 128 256 512 1024 2048 4096 8192\nbantime.formula = ban.Time * math.exp(float(ban.Count+1)*banFactor)\/math.exp(1*banFactor)\n\n# \"bantime.overalljails\" (if true) specifies the search of IP in the database will be executed \n# cross over all jails, if false (default), only current jail of the ban IP will be searched\nbantime.overalljails = true\n\n# \"ignoreself\" specifies whether the local resp. own IP addresses should be ignored\n# (default is true). Fail2ban will not ban a host which matches such addresses.\nignoreself = true\n\n# \"ignoreip\" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban\n# will not ban a host which matches an address in this list. Several addresses\n# can be defined using space (and\/or comma) separator.\nignoreip = 127.0.0.1\/8 ::1 \n\n# time is in seconds. 3600 = 1 hour, 86400 = 24 hours (1 day)\nfindtime = 86400\n\n# initial ban will be 1 second and will grow\nbantime = 1\nmaxretry = 5\n\n\n#\n# local jail configuration\n#\n\n\n[sshd]\nenabled = true\nname = sshd\nfilter = sshd\nservice = sshd\nmaxretry = 2\nmode = aggressive<\/code><\/pre>\n\n\n\nrestart the service <\/p>\n\n\n\n
service fail2ban restart<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"here is a workflow to install fail2ban with a basic ruleset in a new debian server Now copy the following template restart the service<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[8,1],"tags":[],"class_list":["post-687","post","type-post","status-publish","format-standard","hentry","category-debian","category-general"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/blog.koeckeis-fresel.net\/index.php?rest_route=\/wp\/v2\/posts\/687","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.koeckeis-fresel.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.koeckeis-fresel.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.koeckeis-fresel.net\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.koeckeis-fresel.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=687"}],"version-history":[{"count":0,"href":"https:\/\/blog.koeckeis-fresel.net\/index.php?rest_route=\/wp\/v2\/posts\/687\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.koeckeis-fresel.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=687"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.koeckeis-fresel.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=687"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.koeckeis-fresel.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=687"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}