-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathFail2ban.sh
executable file
·34 lines (26 loc) · 1.1 KB
/
Fail2ban.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
#!/bin/bash
# Update system packages
yum update -y
# Install Fail2ban and dependencies
yum install -y epel-release fail2ban fail2ban-systemd
# Enable and start Fail2ban service
systemctl enable fail2ban
systemctl start fail2ban
# Backup default Fail2ban configuration file
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
# Configure Fail2ban settings in jail.local
sed -i 's/bantime = 600/bantime = 86400/g' /etc/fail2ban/jail.local
sed -i 's/findtime = 600/findtime = 1200/g' /etc/fail2ban/jail.local
sed -i 's/maxretry = 3/maxretry = 5/g' /etc/fail2ban/jail.local
# Enable additional jails for common services
fail2ban-client set ssh enabled true
fail2ban-client set ssh bantime 86400
fail2ban-client set ssh findtime 1200
fail2ban-client set ssh maxretry 5
# Enable additional jails for potential E-commerce server vulnerabilities
fail2ban-client set php-fpm enabled true
fail2ban-client set php-fpm bantime 86400
fail2ban-client set php-fpm findtime 1200
fail2ban-client set php-fpm maxretry 5
# Display completion message
echo "Fail2ban installed and configured securely. Please review and adapt as needed."