How to install and configure fail2ban

Posted: Tue Feb 11, 2014 2:42 pm
by Milka
I noticed an entry "How to install and configure fail2ban" in the documentation section (http://vestacp.com/docs/) but there was no documentation (yet) on this subject. Maybe some readers are not familiar with this at all, so I decided to share a simple installation instruction for fail2ban on CentOS to enable you to get some basic protection.

(I'm assuming you know how to use basic commands like insert and :wq to use vi, but google that first if you don't)

1. Connect to your server as root via SSH

2. Because fail2ban is not available by default, we'll need to download the EPEL repository:

Code:

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

3. Install fail2ban

Code:

yum install fail2ban

4. The default fail2ban config file can be found at /etc/fail2ban/jail.conf. We're creating a copy, and fail2ban will use your configuration changes from that new file.

Code:

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

5. Now open your new fail2ban configuration file:

Code:

vi /etc/fail2ban/jail.local

Attention: You'll want to enter your personal/office IP address at the ignoreip line, to prevent locking yourself out.
You might also want to change the ban time (how long to block an IP - in seconds), maxretry (number of incorrect login attempts before blocking the IP) and the findtime (if someone attempts and fails the maxretry number of times in the specified findtime they get blocked).


6. Edit the desired sections. For instance:

Code:

[ssh-iptables]
enabled  = true
filter   = sshd
# Replace the placeholder dest/sender addresses with your own.
action   = iptables[name=SSH, port=ssh, protocol=tcp]
           sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com]
logpath  = /var/log/secure
maxretry = 5

7. Restart fail2ban.

Code:

service fail2ban restart

8. Now, you probably want to start this on reboot; so enter:

Code:

chkconfig fail2ban on

9. See your rules list:

Code:

iptables -L -n

Note: there's more to do in order to protect your server, but this is a nice place to start... Anyone feel free to add to this post.
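
The following is an added example, not part of the original post and not fail2ban's own code: a simplified Python model of how maxretry, findtime and ignoreip interact, run over constructed /var/log/secure lines. The regex, the `simulate` function, the sample log and its IP addresses are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime
from ipaddress import ip_address, ip_network

def _line(t, ip):
    return f"Feb 11 {t} host sshd[1201]: Failed password for root from {ip} port 40112 ssh2"

# Constructed sample in the /var/log/secure format (documentation IPs, not real data).
SAMPLE_LOG = "\n".join(sorted(
    [_line(f"14:00:{s:02d}", "203.0.113.7") for s in range(0, 50, 10)]      # 5 in 40 s
    + [_line(f"14:{m:02d}:00", "198.51.100.20") for m in range(0, 20, 4)]   # 5 in 16 min
    + [_line(f"14:30:{s:02d}", "192.0.2.10") for s in range(0, 60, 10)]     # 6 in 50 s
))

# Simplified stand-in for the sshd filter: only "Failed password" lines are counted.
FAILED = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
                    r"Failed password for (?:invalid user )?\S+ from (\S+) port")

def simulate(log, maxretry=5, findtime=600, ignoreip=("127.0.0.1/8",), year=2014):
    """Return {ip: datetime of ban} using a findtime-second sliding window."""
    ignored = [ip_network(n, strict=False) for n in ignoreip]
    recent = defaultdict(deque)   # ip -> failure timestamps still inside the window
    banned = {}
    for line in log.splitlines():
        m = FAILED.match(line)
        if not m:
            continue
        try:
            ip = ip_address(m.group(2))
        except ValueError:        # sshd logged a hostname instead of an address
            continue
        if str(ip) in banned or any(ip in net for net in ignored):
            continue
        # syslog timestamps carry no year, so one is supplied by the caller
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        window = recent[str(ip)]
        window.append(ts)
        while (ts - window[0]).total_seconds() > findtime:
            window.popleft()      # failures older than findtime no longer count
        if len(window) >= maxretry:
            banned[str(ip)] = ts
    return banned

if __name__ == "__main__":
    for ip, when in simulate(SAMPLE_LOG, ignoreip=("127.0.0.1/8", "192.0.2.10")).items():
        print(f"{ip} banned at {when:%H:%M:%S}")
```

With the default findtime of 600 seconds the slow source (five failures over 16 minutes) is never banned, which is the trade-off to keep in mind when tuning findtime and maxretry.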

Re: How to install and configure fail2ban

Posted: Tue Feb 11, 2014 3:27 pm
by skid
This is a great howto, thanks. I'm going to publish it on the documentation page.

Re: How to install and configure fail2ban

Posted: Tue Feb 11, 2014 3:52 pm
by Milka
Cool! Will fail2ban be integrated into the VestaCP install?

Re: How to install and configure fail2ban

Posted: Tue Feb 11, 2014 4:05 pm
by skid
Not decided yet. It depends on the firewall project, which has not been started as of now.