• Home
  • Archive
  • Tools
  • Contact Us

The Customize Windows

Technology Journal

  • Cloud Computing
  • Computer
  • Digital Photography
  • Windows 7
  • Archive
  • Cloud Computing
  • Virtualization
  • Computer and Internet
  • Digital Photography
  • Android
  • Sysadmin
  • Electronics
  • Big Data
  • Virtualization
  • Downloads
  • Web Development
  • Apple
  • Android
Advertisement
You are here: Home » Installing Fail2ban on Ubuntu 14.04 : Nginx, HP Cloud

By Abhishek Ghosh August 17, 2015 9:58 pm Updated on August 17, 2015

Installing Fail2ban on Ubuntu 14.04 : Nginx, HP Cloud

Advertisement

Here is Guide With Steps on Installing Fail2ban on Ubuntu 14.04 on Server Running Nginx on HP Cloud. It adds a layer of security to SSH. HP Cloud has key based login and excellent virtual router where we can control the ingress-egress policies. We have shown before how to add port knocking to hide the SSH daemon. Fail2ban is another way to add security. This guide is intended for the advanced users.

 

Installing Fail2ban on Ubuntu 14.04 : Preface

 

Fail2ban is an intrusion prevention software to protect the servers from brute-force attacks. Fail2ban is written in the Python. Fail2ban monitors the log files for selected entries and run scripts. Most commonly this is used to block selected IP addresses which may breach the security. It can ban any IP that makes too many login attempts or performs any other action within a time frame defined by the sysadmin. The standard configuration ships with filters for Apache, Lighttpd etc. Filters are defined by Python regexes.

Fail2ban automatically alter the iptables firewall configuration, this is how the server to respond to illegitimate attempts in an automated way. We talked about jailed shell before.

Advertisement

---

 

Installing Fail2ban on Ubuntu 14.04 : Nginx, HP Cloud

 

We will suggest to take a snapshot of the running server if it is a live website as described in Disaster Mananagement using OpenStack Raksha and Floating IP.

First run update and then install Fail2ban :

Vim
1
apt update -y && apt-get install fail2ban

You can run cat on this file :

Vim
1
cat /etc/fail2ban/jail.conf

to check the contents. We need to copy it to /etc/fail2ban/jail.local and edit it :

Vim
1
2
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
nano /etc/fail2ban/jail.local

Find the section named [DEFAULT] and localhost should not be banned :

Vim
1
ignoreip = 127.0.0.1/8

The [DEFAULT] section, excluding the commented out lines looks like this :

Vim
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
[DEFAULT]
 
ignoreip = 127.0.0.1/8
bantime = 600
findtime = 600
maxretry = 3
backend = auto
usedns = warn
destemail = root@localhost
sendername = Fail2Ban
banaction = iptables-multiport
mta = sendmail
protocol = tcp
chain = INPUT
action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
          %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s", sendername="%(sendername)s"]
action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
           %(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s", sendername="%(sendername)s"]
action = %(action_)s

There are three parameters you must about – bantime, maxretry and findtime.

bantime parameter sets the length of time that a client will be banned failing to authenticate. By default, this is set to 600 seconds. maxretry sets the number of tries a client can do within timeframe defined by findtime before getting banned. By default, fail2ban service will ban client attempts to log in 3 times within a 10 minute timeframe.

Vim
1
2
3
4
5
6
...
bantime = 600
...
findtime = 600
maxretry = 3
...

There will be a section named [SSH]. It must be enabled :

Vim
1
enabled = true

Before going to Nginx related settings, we are mentioning once – /etc/fail2ban/filter.d directory keeps the filters. There should be section named [nginx-http-auth] in /etc/fail2ban/jail.local, it should look like this :

Vim
1
2
3
4
5
6
[nginx-http-auth]
 
enabled = true
filter  = nginx-http-auth
port    = http,https
log path = /var/log/nginx/error.log

where /var/log/nginx/error.log is the real log of Nginx. To force the automation at firewall, we need to install :

Vim
1
apt-get install iptables-persistent

We are providing a set of commands for basic security :

Vim
1
2
3
4
5
sudo iptables -A INPUT -i lo -j ACCEPT
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -j DROP

Stop the service and start it :

Vim
1
service fail2ban stop && service fail2ban start

check the iptables rules :

Vim
1
sudo iptables -S

You can check this file by running cat :

Vim
1
cat /etc/fail2ban/action.d/iptables-multiport.conf

It is beyond our scope to highly customize Fail2ban for your need, you should look at the official website and read the manual of Fail2ban. For example, we have not talked about :

Installing Fail2ban on Ubuntu 14.04 - Nginx, HP Cloud

 

Hello! I Want To Use Fail2ban With ufw

 

As Fail2ban uses iptables and inserts rules first in the INPUT chain, if there is ufw running, it might not get integrated. To fully integrate Fail2ban to use ufw rather then iptables you will need to edit :

Vim
1
nano /etc/fail2ban/jail.conf

the [ssh] section should look like this :

Vim
1
2
3
4
5
6
7
[ssh]
enabled = true
banaction = ufw-ssh
port = 2992
filter = sshd
logpath = /var/log/auth.log
maxretry = 3

then :

Vim
1
nano /etc/fail2ban/action.d/ufw-ssh.conf

Vim
1
2
3
4
5
6
[Definition]
actionstart =
actionstop =
actioncheck =
actionban = ufw insert 1 deny from <ip> to any app OpenSSH
actionunban = ufw delete deny from <ip> to any app OpenSSH

This Article Has Been Shared 716 Times!

Facebook Twitter Pinterest

Abhishek Ghosh

About Abhishek Ghosh

Abhishek Ghosh is a Businessman, Surgeon, Author and Blogger. You can keep touch with him on Twitter - @AbhishekCTRL.

Here’s what we’ve got for you which might like :

Articles Related to Installing Fail2ban on Ubuntu 14.04 : Nginx, HP Cloud

  • Setup own URL Shortening Service for Websites on Rackspace Cloud

    Setup own URL Shortening Service for Websites on Rackspace Cloud within fraction of a minute using Free Google Apps Labs Short Links service.

  • Cloud Computing Disaster Recovery For WordPress After Hacking

    Cloud Computing Disaster Recovery Cheat Sheet for WordPress presents the clever ways to make the hacker fool and get your website back within few minutes.

  • Cloud Security Solutions for Tablets and Smartphones

    Cloud Security Solutions for Tablets and Smartphones covers the issues with lost or stolen mobile devices, accidental data deletion, App security and Malwares.

  • Cloud Server, PaaS, VPS, Dedicated Server : Choose the Right

    Cloud Server, PaaS, VPS, Dedicated Server, Colocation Server – lot of options for hosting from Free to few thousand dollars per month. Which one to pick ?

  • Service Oriented Architecture (SOA) : Detail Article

    Service Oriented Architecture or SOA is an architectural pattern of IT which plays a special role on business processes, where levels of abstraction are basis.

Additionally, performing a search on this website can help you. Also, we have YouTube Videos.

Take The Conversation Further ...

We'd love to know your thoughts on this article.
Meet the Author over on Twitter to join the conversation right now!

If you want to Advertise on our Article or want a Sponsored Article, you are invited to Contact us.

Contact Us

Subscribe To Our Free Newsletter

Get new posts by email:

Please Confirm the Subscription When Approval Email Will Arrive in Your Email Inbox as Second Step.

Search this website…

 

Popular Articles

Our Homepage is best place to find popular articles!

Here Are Some Good to Read Articles :

  • Cloud Computing Service Models
  • What is Cloud Computing?
  • Cloud Computing and Social Networks in Mobile Space
  • ARM Processor Architecture
  • What Camera Mode to Choose
  • Indispensable MySQL queries for custom fields in WordPress
  • Windows 7 Speech Recognition Scripting Related Tutorials

Social Networks

  • Pinterest (24.3K Followers)
  • Twitter (5.8k Followers)
  • Facebook (5.7k Followers)
  • LinkedIn (3.7k Followers)
  • YouTube (1.3k Followers)
  • GitHub (Repository)
  • GitHub (Gists)
Looking to publish sponsored article on our website?

Contact us

Recent Posts

  • What is ChatGPT? February 3, 2023
  • Zebronics Pixaplay 16 : Entry Level Movie Projector Review February 2, 2023
  • What is Voice User Interface (VUI) January 31, 2023
  • Proxy Server: Design Pattern in Programming January 30, 2023
  • Cyberpunk Aesthetics: What’s in it Special January 27, 2023

About This Article

Cite this article as: Abhishek Ghosh, "Installing Fail2ban on Ubuntu 14.04 : Nginx, HP Cloud," in The Customize Windows, August 17, 2015, February 4, 2023, https://thecustomizewindows.com/2015/08/installing-fail2ban-on-ubuntu-14-04-nginx-hp-cloud/.

Source:The Customize Windows, JiMA.in

PC users can consult Corrine Chorney for Security.

Want to know more about us? Read Notability and Mentions & Our Setup.

Copyright © 2023 - The Customize Windows | dESIGNed by The Customize Windows

Copyright  · Privacy Policy  · Advertising Policy  · Terms of Service  · Refund Policy

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Do not sell my personal information.
Cookie SettingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT