Fail2ban is a very useful application for the system administrator. It is very helpful to make your server more secure. Fail2Ban scan logs file and has the ability to ban IP’s which is malicious based on the configuration rules. Fail2ban will add a new rule to IPtables and block the IP address of the attacker for some species of time or permanently.
Fail2Ban is primarily focused to secure server with SSH attacks, but you can do with other service configuration also. This article will help you install Fail2Ban on CentOS/RHEL on 7/6.
Step 1: Install EPEL RPM Repository
Fail2Ban is not available in the official repository. So first we need to add EPEL repository on a server to install Fail2Ban.
For CentOS/RHEL 7: # yum install epel-release OR # yum localinstall --nogpgcheck http://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm For CentOS/RHEL 6: # yum install epel-release OR # yum localinstall --nogpgcheck http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
Step 2: Install Fail2ban Package
After installing the required repository use yum command to install the fail2ban package.
For CentOS/RHEL # yum install fail2ban For Ubuntu # apt-get install fail2ban
Step 3: Setup Fail2ban Default Configuration
Fail2Ban provides its own security configuration files fail2ban.conf, but if you want to make any changes it will be best to do in the separate file fail2ban.local.