In this guide you’ll learn how to install fail2ban on CentOS 7, and why fail2ban it’s a must for your SSH server.
No matter if your server is private and it’s only you who uses it, that doesn’t mean you will never be target of bad guys.
Fail2ban is a service that will log actions of IPs that will try to access your server, in short fail2ban will keep bad guys away from your server.
Before we get started, make sure your system is up to date
sudo yum update
In order to install fail2ban, you need to have epel release (Extra packages for Enterprise Linux) installed on your system, as fail2ban it’s not included on CentOS package repository.
sudo yum install epel-release
sudo yum install fail2ban
After installing fail2ban, you need to create a new local config file that will be used by fail2ban as the main config file. Fail2ban stores all configs by default on "/etc/fail2ban/jail.conf" but we dont want to touch that file as it can be overwritten by other packages when you update the system.
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
New config file will be located at
sudo nano /etc/fail2ban/jail.local ----- Copy and paste the config below to your jail.local file [sshd] enabled = true ignoreip = 127.0.0.1/8 bantime = 3600 port = ssh logpath = %(sshd_log)s maxretry = 3 -----
systemctl enable fail2ban systemctl start fail2ban
tail -f /var/log/secure
Fail2ban useful commands
systemctl start fail2ban
systemctl stop fail2ban
systemctl restart fail2ban
Check fail2ban status
systemctl status fail2ban