How to get fail2ban on your Rocky Linux and AlmaLinux – Guide
Jack Wallen explains how to install fail2ban on Rocky Linux and AlmaLinux, two RHEL-based servers. This security software helps protect against malicious logins by blocking IP addresses that attempt to access the server. Installing fail2ban on these servers requires an extra step compared to Ubuntu, which Wallen will demonstrate.
The installation of fail2ban and firewalld packages is necessary for the service to run on systems.
what will you need
The only things you need to make this work are:
Rocky Linux and AlmaLinux are both available to run on computers.
A user has been granted the ability to access and modify system-level files and settings, known as “sudo privileges”.
It’s time to get to work.
How to enable firewalld
Firewalld may not be functioning properly out of the box. To rectify this, open a terminal window on your server and enter the command.
The Linux command “sudo systemctl start firewalld” was used to activate the firewall on a computer.
To ensure the firewall service is always running, enable it to start up automatically.
The Linux command “sudo systemctl enable firewalld” enables the firewall on a Linux system, providing an extra layer of security.
How to install fail2ban
Install fail2ban and the firewalld package by adding the EPEL repository with the command:
Installing the EPEL release package was made easy with the command ‘sudo dnf install epel-release -y’.
Run the command dnf install fail2ban firewalld to add fail2ban and the firewalld component to your repository.
Installing the fail2ban and fail2ban-firewalld packages is as easy as running one command: “sudo dnf install fail2ban fail2ban-firewalld -y”.
To protect your system from malicious attacks, use the commands ‘start’ and ’enable’ to activate fail2ban.
To protect against malicious attacks, users can start and enable the fail2ban service using the systemctl command.
How to configure fail2ban
Copy the default configuration file for fail2ban with the command “cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local”. To configure fail2ban, create a copy of its default configuration file.
Copying the jail.conf file to jail.local allows users to customize their Fail2ban settings.
Edit the file using the command: To edit a file, use the command “open [filename] for editing”.
Edit the [DEFAULT] section of this file to reflect the following options:
After one hour of being locked out, users will have a one-hour window to reset their passwords before being blocked for five attempts.
The file should be saved and shut.
Firewalld can be used in place of iptables to enable fail2ban, with the command:
The Linux command line utility ‘fail2ban’ has been updated to include a new configuration file, ‘00-firewalld.local’, which replaces the existing ‘00-firewalld.conf’ file in the ‘/etc/fail2ban/jail.d/’ directory.
The system administrator can restart the fail2ban service by using the command “sudo systemctl restart fail2ban”.
How to create an SSH prison
Create a jail configuration for the SSH server that bans IP addresses after three failed login attempts for one day by running the command.
This file contains important information that needs to be saved. This document holds vital data that must be preserved. It is essential to keep this file safe and secure.
A new security measure has been implemented, allowing for a one-day ban after three failed attempts.
To complete the process, users must save and close the file before restarting fail2ban.
The system command “sudo systemctl restart fail2ban” was used to restart the security software, Fail2Ban.
Fail2ban is now protecting your SSH connections from malicious attempts. Test it by trying to log in with an incorrect password - after three failed attempts, you’ll be blocked for 24 hours. To unban your IP address, use the command:
Unbanning the specified address using the fail2ban-client command.
A ban on the IP address ADDRESS has been put in place.
Installing fail2ban on Rocky Linux or AlmaLinux can give you an extra layer of security. However, it should not be your only security measure.
A new study has found that the use of artificial intelligence (AI) in the workplace is on the rise. AI usage in the workplace is increasing, according to a recent study. The research revealed that more businesses are turning to AI-powered solutions to improve efficiency and productivity.
Final note
This guide provides step-by-step instructions on how to install fail2ban on Rocky Linux and AlmaLinux. If you have any questions, please reach out for help. Share the love by sharing this article with your friends.
