Search the Community

92 Results
  • Tutorial

    How To Protect SSH with Fail2Ban on Ubuntu 14.04

    Fail2ban is a daemon that can be run on your server to dynamically block clients that fail to authenticate correctly with your services repeatedly. This can help mitigate the affect of brute force attacks and illegit...
    By Justin Ellingwood Security Firewall Linux Basics Ubuntu
  • Tutorial

    How To Protect SSH With Fail2Ban on CentOS 7

    While connecting to your server through SSH can be very secure, the SSH daemon itself is a service that must be exposed to the internet to function properly. This comes with some inherent risk and offers a vector of ...
    By Brennen Bearnes Firewall Security Networking CentOS
  • Tutorial

    How To Protect SSH with fail2ban on Ubuntu 12.04

    fail2ban provides a way to automatically protect virtual servers from malicious behavior. This tutorial shows you how to install Fail2Ban, copy the Configuration File, configure the fail2ban defaults, and find out how...
    By Etel Sverdlov Security Monitoring Ubuntu
  • Tutorial

    How To Protect an Apache Server with Fail2Ban on Ubuntu 14.04

    When operating a web server, it is important to implement security measures to protect your site and users. Protecting your web sites and applications with firewall policies and restricting access to certain areas wit...
    By Justin Ellingwood Security Apache Firewall Ubuntu
  • Tutorial

    How To Protect an Nginx Server with Fail2Ban on Ubuntu 14.04

    When operating a web server, it is important to implement security measures to protect your site and users. Protecting your web sites and applications with firewall policies and restricting access to certain areas wit...
    By Justin Ellingwood Nginx Security Firewall Ubuntu
  • Tutorial

    How Fail2Ban Works to Protect Services on a Linux Server

    Fail2ban is a daemon that can be used to monitor the logs of services and ban clients that repeatedly fail authentication checks. It is a great tool to help protect against brute force attacks and malicious users. I...
    By Justin Ellingwood Security Firewall Monitoring Conceptual
  • Tutorial

    How To Protect SSH with fail2ban on CentOS 6

    fail2ban provides a way to automatically protect virtual servers from malicious behavior. This tutorial shows you how to download the required EPEL repository needed to install Fail2Ban, copy the Configuration File, ...
    By Etel Sverdlov Security Monitoring CentOS
  • Tutorial

    How To Protect WordPress with Fail2Ban on Ubuntu 14.04

    WordPress is a very robust content-management system (CMS) that is free and open source. Because anyone can comment, create an account, and post on WordPress, many malicious actors have created networks of bots and se...
    By Brook Shelley WordPress Security Ubuntu
  • Tutorial

    How To Protect SSH with fail2ban on Debian 7

    SSH is a very convenient tool for remotely administering your servers. However, it does open your machine up to brute force attacks designed to crack your password and gain access to your machine. In this guide, we ...
    By Justin Ellingwood Security System Tools Debian
  • Question

    Fail2Ban Not Automatically Ban IP After Several Failed Login Attempts

    I have set up a droplet running on Ubuntu 18.04. Everything including my websites on WordPress is working perfectly. But as I read on many blogs regarding hardening server security, then, I tried to install Fail2Ban. ...
    Accepted Answer: Hi there @shahahmadyusof, What I could suggest is to make sure you restart fail2ban after making any configuration changes Also make sure findtime isn't set too low. Another thing that I could suggest is to try and tr...
    1 By shahahmadyusof Security OpenLiteSpeed WordPress 1-Click
  • Question

    How to remove my IP from Fail2ban f2b-wordpress-hard list

    I have a Wordpress install from the Apps within Digital Ocean. It comes default with Fail2ban installed for security. I have logged into the server, and have verified my IP is in fact blocked under the f2b-wordpress-h...
    Accepted Answer: I kept searching more specific and found this command and unblocked my IP. Said to enter the chainrulename and line number. The chainrulename is "f2b-wordpress-hard" and the line number in my case was "1" cause it was...
    3 By CMiller147 WordPress Ubuntu 16.04
  • Question

    How can I get fail2ban to install on Centos 7.4?

    Bit of a noob on the command line, and have scoured many answers to problems with fail2ban and Centos 7.x (I'm on 7.4), none of which seem to get me past my problem. I've done yum install epel-release and this shows i...
    Accepted Answer: Solved. While checking for any package updates I noticed the epel repository was erroring with a 404. Once again I removed the repository, cleaned, and re-installed. A different version of the repository resulted and ...
    1 By zkarj Monitoring Security CentOS
  • Question

    Wordpress Fail2Ban Cron Attack Configuration

    Notice that a new kind of attack started to occur on Apache2 Wordpress servers that the default Fail2Ban configuration does not discover. Attack are aimed towards cron.php If you in/var/log/apache2/access.log find s...
    Accepted Answer: Thanks for sharing this!
    1 By mathias.asberg WordPress Apache Security
  • Question

    Can fail2ban on privately networked droplet use exim on other droplet

    Using Exim on Droplet 1 with FQDN to send myself rootkit hunter and fail2ban updates via gmail SMPT. I would like to run fail2ban on a droplet 2 privately networked to droplet 1. Droplet 2 has SRV record xmpp.domain...
    Accepted Answer: Hi @jbdough Yes, you can setup Exim on Droplet2, and configure it to relay to Droplet1. So more or less the same as you've done with the Gmail SMTP on Droplet1, but instead of relaying directly to Gmail on Droplet2, ...
    1 By jbdough Email Nginx Ubuntu 16.04
  • Question

    RIPE DB FAIL2BAN

    Is there anything to know about this fail2ban notification? I ask because all my other notifications don't have this RIPE DB query notification, so i'm wondering if this is something the hacker tried to access? ``` Hi...
    Accepted Answer: It's just information about the IP address. These notifications are pointless.
    1 By ariziragoran Firewall Ubuntu 16.04
  • Question

    My Sites Have Been Hacked - Whats the Best Security Prevention

    Hi Guys I have several wordpress sites hosted on an Ubuntu server driven by Nginx. Ive had to clean out many bogus php files and clean up my sites following an obvious hack I have fail2ban installed and ssl Hardening...
    Accepted Answer: Hello, @thinknew I will recommend you to check the folder's structure and make sure that the permissions are not set too high. This should prevent people from accessing certain directories and also prevent them from ...
    1 By thinknew Ubuntu 18.04 Nginx Security WordPress
  • Question

    The VPS iptables records limit (numiptent) might affect the work of Plesk's Fail2Ban.

    Hi, I had a situation with my previous Plesk install on VPS which could be the result of iptables records limit was exceeded. Can you please advise how can this get resolved to re-enable proper function of my fail2ban...
    0 By yubernadette1 Security
  • Question

    Is Fail2ban automatically well configured for the digital ocean wordpress 18-04 marketplace image ?

    If I launch an one click app wordpress blog (thanks to digital ocean wordpress ubuntu 18.04 image). I saw that the image included Fail2Ban. Will I need to configure it or is Fail2ban already configured for the differe...
    1 By EmmanuelMacron DigitalOcean WordPress Ubuntu 18.04
  • Question

    Fail2ban is not working properly since I enabled logrotate. Can someone provide advice?

    My fail2ban installation is not working properly since I enabled logrotate. I think the renaming of logfiles is not corresponding to the logs that fail2ban reads. I guess I need advice on what to put in /etc/fail2ban...
    2 By jamestr Logging CentOS
  • Question

    correctly configuring fail2ban when log files are located in a different location

    I installed NextCloud on Ubuntu 18 using the guide at https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-nextcloud-on-ubuntu-18-04 Now I want to install fail2ban. The installation went OK ...
    1 By hrishim Apache Ubuntu 18.04