{"id":845,"date":"2014-10-23T20:32:00","date_gmt":"2014-10-23T20:32:00","guid":{"rendered":"https:\/\/qbytes.cloud\/?p=845"},"modified":"2014-10-23T20:32:00","modified_gmt":"2014-10-23T20:32:00","slug":"fail2ban-setup-plesk-centos","status":"publish","type":"post","link":"https:\/\/www.qbytes.cloud\/index.php\/2014\/10\/23\/fail2ban-setup-plesk-centos\/","title":{"rendered":"Fail2Ban Setup on CentOS 6.6"},"content":{"rendered":"<p>Because fail2ban is not available from CentOS, we should start by downloading the EPEL repository:<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nrpm -Uvh http:\/\/dl.fedoraproject.org\/pub\/epel\/6\/x86_64\/epel-release-6-8.noarch.rpm\n<\/pre>\n<p>Follow up by installing fail2ban:<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nyum install fail2ban\n\n<\/pre>\n<p>The default fail2ban configuration file is location at \/etc\/fail2ban\/jail.conf. The configuration work should not be done in that file, however, and we should instead make a local copy of it.<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">\n\ncp \/etc\/fail2ban\/jail.conf \/etc\/fail2ban\/jail.local\n\n<\/pre>\n<p>After the file is copied, you can make all of your changes within the new jail.local file. Many of possible services that may need protection are in the file already. Each is located in its own section, configured and turned off.<\/p>\n<p>Set up a few rules on a plesk server with CentOS<\/p>\n<p><strong>SSH<\/strong><\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">&#x5B;ssh-iptables]\n\nenabled  = true\nfilter   = sshd\naction   = iptables&#x5B;name=SSH, port=10222, protocol=tcp]\n           sendmail-whois&#x5B;name=SSH, dest=root, sender=admin@domain.com, sendername=&quot;Fail2Ban&quot;]\nlogpath  = \/var\/log\/secure\nmaxretry = 5\n\n<\/pre>\n<p>* Notice ssh is set up on port 10222<\/p>\n<p><strong>ProFTP<\/strong><\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">&#x5B;proftpd-iptables]\n\nenabled  = true\nfilter   = proftpd\naction   = iptables&#x5B;name=ProFTPD, port=ftp, protocol=tcp]\n           sendmail-whois&#x5B;name=ProFTPD, dest=admin@domain.com]\nlogpath  = \/var\/log\/secure\nmaxretry = 5\n\n<\/pre>\n<p>* Notice the log location. This is for a Plesk server as proftpd logs to \/var\/log\/secure<br \/>\nRestart fail2ban<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\"># service fail2ban restart\n<\/pre>\n<p>Postfix<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">\n# This jail forces the backend to &quot;polling&quot;.\n&#x5B;sasl-iptables]\n\nenabled  = true\nfilter   = postfix-sasl\nbackend  = polling\naction   = iptables&#x5B;name=sasl, port=smtp, protocol=tcp]\n           sendmail-whois&#x5B;name=sasl, dest=admin@domain.com]\nlogpath  = \/usr\/local\/psa\/var\/log\/maillog\n\n<\/pre>\n<p>Postfix<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">&#x5B;postfix-tcpwrapper]\n\nenabled  = true\nfilter   = postfix\naction   = hostsdeny&#x5B;file=\/etc\/fail2ban\/hosts.deny]\n           sendmail&#x5B;name=Postfix, dest=admin@domain.com]\nlogpath  = \/usr\/local\/psa\/var\/log\/maillog\nbantime  = 300\n\n<\/pre>\n<p>Apache Auth<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">&#x5B;apache-tcpwrapper]\n\nenabled  = true\nfilter   = apache-auth\naction   = iptables&#x5B;name=apache, port=apache, protocol=tcp]\n           sendmail-whois&#x5B;name=apache, dest=admin@domain.com]\nlogpath  = \/var\/log\/httpd\/error_log\n#           \/home\/www\/myhomepage\/error.log\nmaxretry = 6\n\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Because fail2ban is not available from CentOS, we should start by downloading the EPEL repository: rpm -Uvh http:\/\/dl.fedoraproject.org\/pub\/epel\/6\/x86_64\/epel-release-6-8.noarch.rpm Follow up by installing fail2ban: yum install fail2ban The default fail2ban configuration file is location at \/etc\/fail2ban\/jail.conf. The configuration work should not be done in that file, however, and we should instead make a local copy of &#8230; <a title=\"Fail2Ban Setup on CentOS 6.6\" class=\"read-more\" href=\"https:\/\/www.qbytes.cloud\/index.php\/2014\/10\/23\/fail2ban-setup-plesk-centos\/\" aria-label=\"Read more about Fail2Ban Setup on CentOS 6.6\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,33,102],"tags":[],"class_list":["post-845","post","type-post","status-publish","format-standard","hentry","category-centos6","category-fail2ban","category-security"],"_links":{"self":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/posts\/845","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/comments?post=845"}],"version-history":[{"count":0,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/posts\/845\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/media?parent=845"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/categories?post=845"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/tags?post=845"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}