-
Notifications
You must be signed in to change notification settings - Fork 1
/
install_fail2ban.sh
70 lines (54 loc) · 1.56 KB
/
install_fail2ban.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
#!/bin/bash
# Script to install and configure fail2ban on Ubuntu
# status: tested
# published by: Deepak Raj
# published on: 2024-08-28
# Check if the script is run as root
if [ "$EUID" -ne 0 ]; then
echo "This script must be run as root. Please use sudo."
exit 1
fi
# Update package lists
echo "Updating package lists..."
apt-get update -y
# Install fail2ban
echo "Installing fail2ban..."
apt-get install -y fail2ban
# Configure fail2ban (basic setup)
echo "Configuring fail2ban..."
# Create a local configuration file to override default settings
# This prevents changes from being overwritten during package updates
cat <<EOF > /etc/fail2ban/jail.local
[DEFAULT]
# Ban hosts for 10 minutes
bantime = 10m
# Find hosts that fail 5 times
maxretry = 5
# Ignore IP addresses (e.g., for local network)
ignoreip = 127.0.0.1/8
# Enable common jail configurations
[sshd]
enabled = true
port = ssh
logpath = %(sshd_log)s
[apache-auth]
enabled = true
port = http,https
logpath = %(apache_error_log)s
[nginx-http-auth]
enabled = true
port = http,https
logpath = %(nginx_error_log)s
EOF
# Restart fail2ban to apply the new configuration
echo "Restarting fail2ban..."
systemctl restart fail2ban
# Enable fail2ban to start on boot
echo "Enabling fail2ban to start on boot..."
systemctl enable fail2ban
# Display status of fail2ban
echo "Checking the status of fail2ban..."
systemctl status fail2ban
# Display final message
echo "Fail2ban installation and configuration completed!"
echo "Fail2ban is now installed and running. It will help protect your server from brute-force attacks."