Good : full update
This commit is contained in:
96
modules/fail2ban.sh
Normal file
96
modules/fail2ban.sh
Normal file
@ -0,0 +1,96 @@
|
||||
#!/bin/bash
|
||||
# =============================================================================
|
||||
# Fail2ban configuration module
|
||||
# =============================================================================
|
||||
|
||||
# Set script directory
|
||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
|
||||
# Source common functions and variables
|
||||
source "./common.sh"
|
||||
|
||||
# Function to install and configure fail2ban
|
||||
configure_fail2ban() {
|
||||
log_message "INFO" "Installing fail2ban"
|
||||
|
||||
# Install fail2ban if not already installed
|
||||
if ! is_package_installed "fail2ban"; then
|
||||
apt-get install -y fail2ban
|
||||
|
||||
if [ $? -ne 0 ]; then
|
||||
log_message "ERROR" "Failed to install fail2ban"
|
||||
return 1
|
||||
fi
|
||||
else
|
||||
log_message "INFO" "fail2ban is already installed"
|
||||
fi
|
||||
|
||||
# Create fail2ban local configuration
|
||||
local FAIL2BAN_LOCAL="/etc/fail2ban/jail.local"
|
||||
|
||||
log_message "INFO" "Creating fail2ban configuration"
|
||||
backup_file "$FAIL2BAN_LOCAL"
|
||||
|
||||
cat > "$FAIL2BAN_LOCAL" << EOF
|
||||
[DEFAULT]
|
||||
# Ban hosts for 1 hour
|
||||
bantime = 3600
|
||||
# Check for new failed login attempts every 10 minutes
|
||||
findtime = 600
|
||||
# Ban after 5 failures
|
||||
maxretry = 5
|
||||
# Use both iptables and nftables (if available)
|
||||
banaction = iptables-multiport
|
||||
banaction_allports = iptables-allports
|
||||
|
||||
# Email notifications (uncomment and configure to enable)
|
||||
# mta = mail
|
||||
# sender = fail2ban@example.com
|
||||
# destemail = admin@example.com
|
||||
# action = %(action_mwl)s
|
||||
|
||||
# SSH jail configuration (custom port)
|
||||
[sshd]
|
||||
enabled = true
|
||||
port = 22
|
||||
filter = sshd
|
||||
logpath = /var/log/auth.log
|
||||
maxretry = 3
|
||||
bantime = 86400
|
||||
|
||||
# HTTP jail
|
||||
[apache-auth]
|
||||
enabled = true
|
||||
port = http,https
|
||||
filter = apache-auth
|
||||
logpath = /var/log/apache2/error.log
|
||||
maxretry = 3
|
||||
|
||||
# NGINX jail
|
||||
[nginx-http-auth]
|
||||
enabled = true
|
||||
port = http,https
|
||||
filter = nginx-http-auth
|
||||
logpath = /var/log/nginx/error.log
|
||||
maxretry = 3
|
||||
EOF
|
||||
|
||||
log_message "SUCCESS" "fail2ban configuration created at $FAIL2BAN_LOCAL"
|
||||
|
||||
# Restart fail2ban service
|
||||
log_message "INFO" "Restarting fail2ban service"
|
||||
systemctl enable fail2ban
|
||||
systemctl restart fail2ban
|
||||
|
||||
if [ $? -eq 0 ]; then
|
||||
log_message "SUCCESS" "fail2ban service restarted successfully"
|
||||
else
|
||||
log_message "ERROR" "Failed to restart fail2ban service"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
# Main execution for fail2ban
|
||||
configure_fail2ban
|
||||
|
||||
log_message "SUCCESS" "fail2ban configuration completed"
|
||||
Reference in New Issue
Block a user