Enable Fail2ban for SSHD on Centos 7
Posted on
Installation
$ sudo yum install -y epel-release
$ sudo yum install -y fail2ban fail2ban-systemd
$ sudo yum update -y selinux-policy*Configure Fail2Ban
Edit the file /etc/fail2ban/jail.d/sshd.local[sshd]
enabled = true
port = ssh
#Disable this line
#action = firewallcmd-ipset
logpath = %(sshd_log)s
maxretry = 5
bantime = 86400
Edit /etc/fail2ban/jail.conf
ignoreip = 127.0.0.1/8 YOURIPEnable and start Fail2Ban
$ sudo systemctl enable fail2ban
$ sudo systemctl start fail2ban