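#!/bin/bash
# =============================================================================
# Fail2ban configuration module
#
# Installs fail2ban, writes /etc/fail2ban/jail.local and enables/restarts the
# service. Depends on common.sh for log_message, is_package_installed and
# backup_file. Runs package and service management commands, so it is expected
# to be run with root privileges.
# =============================================================================

# Set script directory
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" || {
  printf 'ERROR: cannot determine script directory\n' >&2
  return 1 2>/dev/null || exit 1
}

# Source common functions and variables.
# Load the helper from the script's own directory rather than the caller's
# working directory: this module runs privileged commands, and "./common.sh"
# would execute whatever file of that name happens to sit in the current
# directory.
if ! source "${SCRIPT_DIR}/common.sh"; then
  printf 'ERROR: cannot load %s/common.sh\n' "${SCRIPT_DIR}" >&2
  return 1 2>/dev/null || exit 1
fi

#######################################
# Install fail2ban, write its local jail configuration and restart the service.
# Globals:   none
# Arguments: none
# Outputs:   progress and errors via log_message; overwrites
#            /etc/fail2ban/jail.local (after calling backup_file on it)
# Returns:   0 on success; 1 if the install, the config write, or the
#            service enable/restart fails
#######################################
configure_fail2ban() {
  local -r jail_local="/etc/fail2ban/jail.local"
  local -r apache_log="/var/log/apache2/error.log"
  local -r nginx_log="/var/log/nginx/error.log"
  local apache_enabled="false"
  local nginx_enabled="false"

  log_message "INFO" "Installing fail2ban"

  # Install fail2ban if not already installed
  if ! is_package_installed "fail2ban"; then
    if ! apt-get install -y fail2ban; then
      log_message "ERROR" "Failed to install fail2ban"
      return 1
    fi
  else
    log_message "INFO" "fail2ban is already installed"
  fi

  # Only enable the web-server jails whose log file is present. fail2ban
  # typically refuses to start when an enabled jail points at a missing
  # logpath, which would leave the host with no banning at all.
  if [[ -f "${apache_log}" ]]; then
    apache_enabled="true"
  else
    log_message "INFO" "${apache_log} not found; apache-auth jail left disabled"
  fi
  if [[ -f "${nginx_log}" ]]; then
    nginx_enabled="true"
  else
    log_message "INFO" "${nginx_log} not found; nginx-http-auth jail left disabled"
  fi

  # NOTE(review): the sshd jail reads /var/log/auth.log. On hosts where sshd
  # logs only to the journal that file is absent and the jail needs a
  # journal-based backend instead; confirm for the target distribution.

  # Create fail2ban local configuration
  log_message "INFO" "Creating fail2ban configuration"
  backup_file "${jail_local}"

  # The heredoc delimiter is unquoted on purpose so the two *_enabled values
  # expand; nothing else in the body contains '$', backticks or backslashes.
  if ! cat > "${jail_local}" << EOF
[DEFAULT]
# Ban hosts for 1 hour
bantime = 3600

# Count failures that occur within a 10-minute window
findtime = 600

# Ban after 5 failures
maxretry = 5

# Ban using iptables-based actions
banaction = iptables-multiport
banaction_allports = iptables-allports

# Email notifications (uncomment and configure to enable)
# mta = mail
# sender = fail2ban@example.com
# destemail = admin@example.com
# action = %(action_mwl)s

# SSH jail configuration (set 'port' to match sshd if it listens elsewhere,
# otherwise bans are applied to a port the attacker is not using)
[sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/auth.log
maxretry = 3
bantime = 86400

# HTTP jail
[apache-auth]
enabled = ${apache_enabled}
port = http,https
filter = apache-auth
logpath = /var/log/apache2/error.log
maxretry = 3

# NGINX jail
[nginx-http-auth]
enabled = ${nginx_enabled}
port = http,https
filter = nginx-http-auth
logpath = /var/log/nginx/error.log
maxretry = 3
EOF
  then
    log_message "ERROR" "Failed to write ${jail_local}"
    return 1
  fi

  log_message "SUCCESS" "fail2ban configuration created at ${jail_local}"

  # Restart fail2ban service
  log_message "INFO" "Restarting fail2ban service"

  # A service that is running but not enabled silently disappears after the
  # next reboot, so treat a failed enable as an error rather than ignoring it.
  if ! systemctl enable fail2ban; then
    log_message "ERROR" "Failed to enable fail2ban service"
    return 1
  fi

  if systemctl restart fail2ban; then
    log_message "SUCCESS" "fail2ban service restarted successfully"
  else
    log_message "ERROR" "Failed to restart fail2ban service"
    return 1
  fi
}

# Main execution for fail2ban.
# Report success only when configuration actually succeeded, and propagate the
# failure to the caller whether this module is executed or sourced.
if configure_fail2ban; then
  log_message "SUCCESS" "fail2ban configuration completed"
else
  log_message "ERROR" "fail2ban configuration failed"
  return 1 2>/dev/null || exit 1
fi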