Install and Configure Fail2Ban for Zimbra on CentOS 7

Below is how to install and configure Fail2Ban for Zimbra. In this guidance, I use CentOS. Please adjust python-pip version if using another OS

1. Install pip

yum install python3-pip

2. Install dependencies required by Fail2Ban

pip3 install pyinotify
pip3 install dnspython

3. Download and extract Fail2Ban

cd /tmp/
wget -c https://github.com/fail2ban/fail2ban/archive/0.9.4.tar.gz

4. Install Fail2Ban

tar -xvf 0.9.4.tar.gz
cd fail2ban-0.9.4
python3 setup.py install

5. Copy Fail2Ban service to systemd

cp files/fail2ban.service /usr/lib/systemd/system/

6. Adjust bin location on Fail2Ban service

vi /usr/lib/systemd/system/fail2ban.service

Adjust the following lines. Change /usr/bin become /usr/local/bin

Read more

Share

Install and configure fail2ban

Servers do not exist in isolation, and those servers with only the most basic SSH configuration can be vulnerable to brute force attacks. fail2ban provides a way to automatically protect the server from malicious signs. The program works by scanning through log files and reacting to offending actions such as repeated failed login attempts.

Step One—Install Fail2Ban

Because fail2ban is not available from CentOS, we should start by downloading the EPEL repository:

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Follow up by installing fail2ban:

yum install fail2ban

Step Two—Copy the Configuration File

The default fail2ban configuration file is location at /etc/fail2ban/jail.conf. The configuration work should not be done in that file, however, and we should instead make a local copy of it.

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

After the file is copied, you can make all of your changes within the new jail.local file. Many of possible services that may need protection are in the file already. Each is located in its own section, configured and turned off.

Read more

Share