Wildsky F.

Easy things should be easy, and hard things should be possible.



使用 fail2ban 設定規則以阻擋嘗試登入的 request

Posted on

在 linode 上開的機器每次在登入時都會有這個訊息:

There were 9487 failed login attempts since the last successful login.

就想處理一下,簡單爬文發現大家都用這個 fail2ban。

這邊簡短地記錄安裝及使用方法,環境是 fedora 35。

sudo dnf update && sudo  dnf upgrade -y
sudo dnf install fail2ban
systemctl start fail2ban
systemctl enable fail2ban

開啟 /etc/fail2ban/jail.local,輸入下面的設定內容

[sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/fail2ban.log
maxretry = 3

開啟 /etc/fail2ban/jail.d/sshd.local,輸入下面的設定內容

[sshd]
enabled = true
filter = sshd
port    = ssh
logpath = %(sshd_log)s
backend = auto

完成後再重啟服務:

systemctl restart fail2ban

這樣就完成了。

網路上有的說要設定 /etc/fail2ban/jail.local 有的又說要設定 /etc/fail2ban/jail.d/sshd.local,我懶得測了所以都放XD

Ref