Comments on: How to Use Fail2ban to Secure Your Linux Server

By: Marc Compere

Marc Compere — Sat, 04 Jul 2020 15:14:53 +0000

fail2ban is outstanding. But why isn’t there a common networked database of fail2ban up addresses that indicate chronically problematic IP addresses? Like a common block list. It seems this is such an obvious next step, or perhaps this is available as a separate package???

By: max

max — Wed, 30 Jan 2019 15:52:14 +0000

Good evening,

I have a web application (using port 80) and I would like to secure it, HLP using fail2ban-client status httpd (there’s nothing)
Os: centos 6.10

thank you in advance

By: cybernard

cybernard — Tue, 09 Oct 2018 15:07:30 +0000

For performance reasons it is far better to use ipset in-conjunction with iptables.

# iptables -I INPUT 1 -m set --match-set banned_hosts src,src  -j DROP
# ipset create banned_hosts hash:net
# ipset add banned_hosts 1.2.3.4

Then set cron to periodical save said list.

# ipset save >all.txt

You will have to manual fake a service to get ipset to load on startup.

By: Carlos

Carlos — Mon, 30 Oct 2017 14:17:30 +0000

In reply to Bien Quang Cao.

You have to enable EPEL repo

https://www.tecmint.com/how-to-enable-epel-repository-for-rhel-centos-6-5/

By: Ravi Saive

Ravi Saive — Mon, 28 Mar 2016 11:26:07 +0000

In reply to Jerry Chan. @Jerry, On which Linux distribution you've installed Fail2ban? did you see failed login attempts in /var/log/secure file with the help of following command.

# cat /var/log/secure | grep 'Failed password' |  sort | uniq -c

If you see failed login attempts, then it means your Fail2ban working properly..