How to setup fail2ban on CentOS Server

Fail2Ban is a fantastic utility and in my honest opinion, it’s a great tool when it comes to server security if setup properly. Today we are going to setup Fail2Ban on a new Centos Web Server and I am going to guide you through this step by step.

Since Fail2Ban is a cmd utility you need to access your server through SSH, a good utility for this is Putty

Once you are connected to your server, you need to make sure that Epel Repository is available, so check that first using :

yum repolist

 If you don’t know how to enable Epel here’s a how-to: How to enable Epel Repo on CentOS

Our next step is to actually install Fail2Ban using yum (now that Epel is active)

yum install fail2ban

But … our job is not done yet, as having Fail2Ban installed but not configured does us no good as we are not actually using Fail2Ban benefits.

How to set up fail2ban on Centos Server

Fail2Ban comes with a basic conf file that can be found under /etc/fail2ban/jail.conf , what I suggest here is the local jail file, so you need to copy the /etc/fail2ban/jail.conf to /etc/fail2ban/jail.local

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Once you got that done, let’s edit the configuration and make Fail2Ban work for us and our server security and protection.

nano /etc/fail2ban/jail.local

This is how you .local fail2ban configuration file looks… so now let’s go scroll down and change a few things

Since we use nano we are going to use the nano search function by pressing Ctrl + w and look for the email functions and change the default address to the one’s we use.

# Destination email address used solely for the interpolations in
# jail.{conf,local,d/*} configuration files.
destemail = localhost@localdomain <- Change that to yours

Save your config file, restart Fail2Ban and you are all set!

service fail2ban restart