Log in to your server
Log in to mCloud portal, open the main page of your server and then follow these steps:
- Click Console.
- Enter your username: "root".
- Enter your password (to see your password, click Show under Root password).
Install EPEL
While Fail2ban is not available in the official CentOS package repository, it is packaged for the EPEL project. EPEL, standing for Extra Packages for Enterprise Linux, can be installed with a release package that is available from CentOS:
sudo yum install epel-releaseInstali Fail2ban
After installing EPEL, issue the following command to install Fail2ban:
yum install fail2banOnce it's installed, enable it using:
systemctl enable fail2banBasic configuration
The configuration file for Fail2ban resides in the /etc/fail2ban folder. This folder also contains the configuration file with default settings named jail.conf. Considering the fact that this faile can be overwritten with each future upgrade, it is recomended that you leave this file untouched and create a new file instead called jail.local..
All settings which are defined in the jail.local file wll automatically overwrite everything in the jail.conf file. Open the new file using nano (or any other text editor of your choice):
nano /etc/fail2ban/jail.localEnter the following:
[DEFAULT]# Ban hosts for one hour:
bantime = 3600
# Override /etc/fail2ban/jail.d/00-firewalld.conf:
banaction = iptables-multiport
[sshd] enabled = true
This overrides three settings: It sets a new default bantime for all services, makes sure we're using iptables for firewall configuration, and enables the sshd jail. Next, restart FAil2ban, using:
systemctl restart fail2banTo check if the service si running, issue the following command:
fail2ban-client status