a pure Raspi web server with Raspbian Debian

Raspberry pi server

 Setups and configurations

 Raspberry pi - Rpi

 Apache / LAMP server

Windward

 The game not the island group

anchor life saver

 Regarding unity3d

🙂 In-game char icons

 Public game server settings

🛠 Hafenzoll @raspberry
🛠 Windward defaults

 Social news aggregation

Community @steam
🌍 Windward #reddit

 Official Windward wiki

🛠 Wiki @gamepedia
Duckduckgo pirate flag
Something else

 This is in German language

💻 Linux - ubuntusers.de

 Get a handy weather widget

🌤 Weather code snippet

 Hotchpotch of weblinks

📖 Yellow pages

 We got some boring movies

🎥 Cinematique
Archives
Search cloud
Front desk clerk

No ads, no trackers and
no web beacons. Promised.

Raspberry pi | Fail2Ban


If you operate these days a web server on the Internet, you will already have noticed how the number of attacks has skyrocketed over the last few years. Where you had twenty failed login attempts in the logfile ten years ago, today it's twohundred plus. That's a terrifying twist and should make any administrator or website owner think about how secure his data is.


fail2ban logo small PNGThere are many ways to secure a server on the Internet against intrusions from the outside, which is probably the most popular, because at the same time simplest method is:

Fail2Ban

The program does nothing else but to monitor failed login attempts and lock the IP at a certain number. Totally simple, very good. Fail2Ban has been around for about ten years and it is compatible with known services such as web server, FTP server and SSH servers compatible. It also brings dozens of pre-made filters with it. Thus, the installation and configuration is relatively simple and easy to implement even for expecting administrators.


Install and set up Fail2Ban


Here I go from an Raspbian system. The installation should also run on any Linux systems just as easily, since actually each of the larger distributions has the package in the package sources.


The command to install Fail2Ban is:


user@raspberry:~ $ sudo su
root@raspberrypi:# apt install fail2ban


After the installation, Fail2Ban can be found in the directory /etc/fail2ban. The configuration file is named jail.conf. This is also edited by us. But first an explanation of the parameters.


The jails are actually self-explanatory:


        enabled     true / false = active / inactive rule
        filter      name of the filter from /etc/fail2ban/filter.d
        port        specification of the port on which to listen
        logpath     path to the logfile
        maxretry    how often can you try to access before being locked
        findtime    time period in seconds that is taken into account
        bantime     time in seconds how long an IP is blocked. A negative value (-1) applies permanently
        

To create your own jails, we make a copy of jail.conf and name it jail.local.


Hot note: every .conf file can be overridden with a file named .local. The .conf file is read first, then .local, with later settings overriding earlier ones. Modifications should take place in the .local and not in the .conf. This avoids merging problem when updating or upgrading the program.


root@raspberrypi:# cd /etc/fail2ban
root@raspberrypi:# cp jail.conf jail.local


root@raspberrypi:# nano /etc/fail2ban/jail.local


So. Now two examples.


        [ssh]
        enabled = true
        port    = ssh
        filter  = sshd
        logpath  = /var/log/auth.log
        maxretry = 4
        
        [apache]
        enabled  = true
        port     = http,https
        filter   = apache-auth
        logpath  = /var/log/apache*/*error.log
        maxretry = 3
        findtime = 600
        

This protects our sshd and apache2. The log information is redirected to auth.log errror.log,
but can also be stored in any other file.


To start the rule we have to start our Fail2Ban service or reload it for new rules.


root@raspberrypi:# service fail2ban start
root@raspberrypi:# service fail2ban reload


How to terminate the Fail2Ban service?


root@raspberrypi:# service fail2ban stop


The output and whether your service also does its work you get displayed with the following command.


root@raspberrypi:# tail -100f /var/log/fail2ban.log


Quit Crtl C


That should have been it. Of course, the program offers much more complex configuration options,
but I will not go into that here.


🔗 https://www.fail2ban.org/wiki/index.php/Main_Page


24-Aug 2018

Hafenzoll 2019