How to get fail2ban on your Rocky Linux and AlmaLinux

How to get fail2ban on your Rocky Linux and AlmaLinux

This guide is about How to get fail2ban on your Rocky Linux and AlmaLinux. So read this free guide, How to get fail2ban on your Rocky Linux and AlmaLinux step by step. If you have query related to same article you may contact us.

How to get fail2ban on your Rocky Linux and AlmaLinux – Guide

Fail2ban must be on each of your Linux servers. If you haven’t installed it on Rocky Linux or AlmaLinux yet, Jack Wallen is here to help you with that. Fail2ban is one of the first software I install on Linux servers. This service will help prevent unwanted logins by prohibiting nefarious IP addresses from accessing your server. Unlike installing fail2ban on Ubuntu servers, you need to take an extra step with RHEL based servers. I’ll walk you through exactly that, demonstrating the process that will help you install fail2ban on Rocky Linux or AlmaLinux.

The process will install the fail2ban and firewalld package necessary to allow the service to run on systems.

what will you need

The only things you need to make this work are:

  • A running instance of Rocky Linux or AlmaLinux
  • A user with sudo privileges
  • That’s it. Let’s go to work.

    How to enable firewalld

    Out of the box, firewalld may not be working. To fix this, open a terminal window on your server and issue the command:

    sudo systemctl start firewalld

    Then enable the firewall service to run at startup with:

    sudo systemctl enable firewalld

    How to install fail2ban

    Now we can install fail2ban and the firewalld package. Back in the terminal window, add the EPEL repository with the command:

    sudo dnf install epel-release -y

    Once the repository is added, install fail2ban and the firewalld component with:

    sudo dnf install fail2ban fail2ban-firewalld -y

    Start and enable fail2ban with commands;

    sudo systemctl start fail2ban sudo systemctl enable fail2ban

    How to configure fail2ban

    With fail2ban installed, it’s time to configure it. First, we need to create a copy of the default configuration file with the command:

    sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

    Open this file for editing with the command:

    sudo nano /etc/fail2ban/jail.local

    In this file, look for the following options (in the section) and change them to reflect what you see below:

    bantime = 1h findtime = 1h maxretry = 5

    Save and close the file.

    Next, we need to allow fail2ban to work with firewalld (instead of iptables) with the command:

    sudo mv /etc/fail2ban/jail.d/00-firewalld.conf /etc/fail2ban/jail.d/00-firewalld.local

    Restart fail2ban with:

    sudo systemctl restart fail2ban

    How to create an SSH prison

    Now let’s create a jail setup for the SSH server that will ban IP addresses for 1 day after 3 failed login attempts. Create the new configuration with the command:

    sudo nano /etc/fail2ban/jail.d/sshd.local

    Paste the following into this new file:

    enabled = true bantime = 1d maxretry = 3

    Save and close the file. Restart fail2ban:

    sudo systemctl restart fail2ban

    At this point, fail2ban is now protecting you from nefarious SSH connections. You can test it by trying to login with SSH using an incorrect password. After three attempts, you will be blocked for one day. If you get blocked, you can unban your IP address with the command:

    sudo fail2ban-client unban ADDRESS

    Where ADDRESS is the banned IP address.

    And that’s all there is to installing fail2ban on Rocky Linux or AlmaLinux. Enjoy that heightened sense of security (just don’t rely on fail2ban for all your security needs).

    From the news www.techrepublic.com

    Final note

    I hope you like the guide How to get fail2ban on your Rocky Linux and AlmaLinux. In case if you have any query regards this article you may ask us. Also, please share your love by sharing this article with your friends.

    We will be happy to hear your thoughts

        Leave a reply

        Compsmag
        Logo