Fail2ban安裝設定

安裝 Fail2ban:

apt install fail2ban

編輯 /etc/fail2ban/jail.local

nano /etc/fail2ban/jail.local

[proxmox-web-gui]
enabled  = true
port     = http,https,8006
filter   = proxmox-web-gui
logpath  = /var/log/daemon.log
maxretry = 3       //嘗試次數
bantime = 3600 //封鎖秒數

增加Filter:

nano /etc/fail2ban/filter.d/proxmox-web-gui.conf


[Definition]
failregex = pvedaemon\[[0-9]+\]: authentication failure; rhost=<HOST> user=.* msg=.*

測試:

fail2ban-regex /var/log/daemon.log /etc/fail2ban/filter.d/proxmox-web-gui.conf

重啟服務:

service fail2ban restart

查看狀態:

fail2ban-client -v status
fail2ban-client -v status proxmox-web-gui

 

阅读剩余
THE END