it's a raspberry pi
Setups & configurations
Tailor shop✂ Embroidery & pennant
We got some boring movies🎥 Cinematique
Regarding unity3d🙂 In-game char icons
Social news aggregation🌍 Windward #reddit
Developer briefing☸ Dev's changelog
Official Windward wiki🛠 Wiki @gamepedia
Junk does not deliver mail✉ Private message
No ads, no trackers,
no web beacons
Get the weather widget🌤 Weather code snippet
Hotchpotch of weblinks📖 Yellow pages
If you operate these days a web server on the Internet, you will already have noticed how the number of attacks has skyrocketed over the last few years. Where you had twenty failed login attempts in the logfile ten years ago, today it's twohundred plus. That's a terrifying twist and should make any administrator or website owner think about how secure his data is.
There are many ways to secure a server on the Internet against intrusions from the outside, which is probably the most popular, because at the same time simplest method is:
The program does nothing else but to monitor failed login attempts and lock the IP at a certain number. Totally simple, very good. Fail2Ban has been around for about ten years and it is compatible with known services such as web server, FTP server and SSH servers compatible. It also brings dozens of pre-made filters with it. Thus, the installation and configuration is relatively simple and easy to implement even for expecting administrators.
Here I go from an Raspbian system. The installation should also run on any Linux systems just as easily, since actually each of the larger distributions has the package in the package sources.
The command to install Fail2Ban is:
user@raspberry:~ $ sudo su
root@raspberrypi:# apt install fail2ban
After the installation, Fail2Ban can be found in the directory
/etc/fail2ban. The configuration file is named
jail.conf. This is also edited by us. But first an explanation of the parameters.
jails are actually self-explanatory:
enabled true / false = active / inactive rule filter name of the filter from /etc/fail2ban/filter.d port specification of the port on which to listen logpath path to the logfile maxretry how often can you try to access before being locked findtime time period in seconds that is taken into account bantime time in seconds how long an IP is blocked. A negative value (-1) applies permanently
To create your own
jails, we make a copy of
jail.conf and name it
Hot note: every .conf file can be overridden with a file named .local. The .conf file is read first, then .local, with later settings overriding earlier ones. Modifications should take place in the .local and not in the .conf. This avoids merging problem when updating or upgrading the program.
root@raspberrypi:# cd /etc/fail2ban
root@raspberrypi:# cp jail.conf jail.local
root@raspberrypi:# nano /etc/fail2ban/jail.local
So. Now two examples.
[ssh] enabled = true port = ssh filter = sshd logpath = /var/log/auth.log maxretry = 4
[apache] enabled = true port = http,https filter = apache-auth logpath = /var/log/apache*/*error.log maxretry = 3 findtime = 600
This protects our sshd and apache2. The log information is redirected to
but can also be stored in any other file.
To start the rule we have to start our Fail2Ban service or reload it for new rules.
root@raspberrypi:# service fail2ban start
root@raspberrypi:# service fail2ban reload
How to terminate the Fail2Ban service?
root@raspberrypi:# service fail2ban stop
The output and whether your service also does its work you get displayed with the following command.
root@raspberrypi:# tail -100f /var/log/fail2ban.log
Quit Crtl C
That should have been it. Of course, the program offers much more complex configuration options,
but I will not go into that here.