sudo vim \/etc\/fail2ban\/jail.local\r\n<\/pre>\nDans ce fichier vous trouverez les configurations des services de base sur vos serveurs : ssh, clients ftps, clients mails …<\/p>\n
La dur\u00e9e de bannissement (en secondes )est situ\u00e9e sur la ligne suivante, par d\u00e9faut elle est de 600, mais en g\u00e9n\u00e9ral je la passe \u00e0 86400 (24H)<\/p>\n
# \"bantime\" is the number of seconds that a host is banned.\r\nbantime\u00a0 = 86400\r\n<\/pre>\nPar d\u00e9fault, seul le filtrage SSH est actif, pour celui-ci je limite le maximum d’essais \u00e0 3 ce qui est largement suffisant<\/p>\n
[ssh]\r\n\r\nenabled\u00a0 = true\r\nport\u00a0\u00a0\u00a0\u00a0 = ssh\r\nfilter\u00a0\u00a0 = sshd\r\nlogpath\u00a0 = \/var\/log\/auth.log\r\nmaxretry = 3\r\n<\/pre>\nSi vous utiliser un serveur ftp vous pouvez \u00e9galement activer la r\u00e8gle pour votre service ftp appropri\u00e9 : ( vsftp,proftd,pureftpd,wuftp ), pour ma part c’est proftpd<\/p>\n
[proftpd]\r\n\r\nenabled\u00a0 = true\r\nport\u00a0\u00a0\u00a0\u00a0 = ftp,ftp-data,ftps,ftps-data\r\nfilter\u00a0\u00a0 = proftpd\r\nlogpath\u00a0 = \/var\/log\/proftpd\/proftpd.log\r\nmaxretry = 3\r\n<\/pre>\nIdem pour activer le filtrage sur le serveur de mail<\/p>\n
[postfix]\r\n\r\nenabled\u00a0 = true\r\nport\u00a0\u00a0\u00a0\u00a0 = smtp,ssmtp,submission\r\nfilter\u00a0\u00a0 = postfix\r\nlogpath\u00a0 = \/var\/log\/mail.log\r\n<\/pre>\nUne fois l’ensemble de la configuration r\u00e9alis\u00e9e, sauvegarder le fichier et relancer fail2ban avec la commande<\/p>\n
sudo service fail2ban restart\r\n<\/pre>\nVotre serveur est \u00e0 pr\u00e9sent (mieux) prot\u00e9g\u00e9 des intrusions.\/var\/log\/fail2ban.log<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"Votre serveur web, comme toutes les machines connect\u00e9es \u00e0 internet et soumis en permanence \u00e0 des tentatives d’intrusions. Le votre n’\u00e9chappe n’y \u00e9chappe sans doute pas… Pour le constater il vous suffit de consulter le fichier d’authentification sudo vim \/var\/log\/auth.log En parcourant son contenu de nombreuses lignes comme sur la capture ci-dessous apparaissent : Ces […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[254],"tags":[321,297,257],"class_list":["post-821","post","type-post","status-publish","format-standard","hentry","category-serveurs-dedies","tag-fail2ban","tag-linux","tag-ubuntu"],"aioseo_notices":[],"aioseo_head":"\n\t\t\n\t
![\"Logs](\"https:\/\/www.h-hennes.fr\/blog\/wp-content\/uploads\/2015\/01\/auth-log.jpg\")
<\/a><\/p>\n