fail2ban installation issue

w3services · September 2, 2019, 6:40pm

To project server and ban IPs automatically who trying to harm us, I am trying to configure fail2ban but it’s not running as expected.

Can anyone confirm how to do it and what if the firewall is disabled and CFS is enabled ?

Numeriku · September 3, 2019, 1:18am

You dont need fail2ban with csf as it comes with a similar function.

Luke007 · September 3, 2019, 3:56am

LFD is not active in Cyberpanel. Without LFD, CSF doesn’t ban failed logins.

CyberPanelUser · September 3, 2019, 12:03pm

LFD is not active in Cyberpanel. Without LFD, CSF doesn't ban failed logins.

Is it not? As the LFD service does appear to get installed when installing CSF via CyberPanel.
Although i’m not entirely sure if it’s configured correctly…

w3services · September 3, 2019, 6:10pm

@Numeriku
Thank you …

After restarting CSF -

WARNING RESTRICT_SYSLOG is disabled. See SECURITY WARNING in /etc/csf/csf.conf.

Now how to make sure it is working. Any log ?

Numeriku · September 3, 2019, 7:18pm

Open the csf configuration file.

nano /etc/cfs/csf.conf

search for “RESTRICT_SYSLOG”. It will be like
RESTRICT_SYSLOG = “0”
Change it to
RESTRICT_SYSLOG = “3”
Restart csf.

If you set up email for notifications for LFD, you should be getting emails when ips are banned if i remember correctly.

w3services · September 4, 2019, 5:02am

@Numeriku Thank you for saving my day

w3services · September 4, 2019, 7:39am

@Numeriku , I found that iptables service is not running on server whereas CSF log showing blocking IPs.

I don’t think it’s normal. Please guide what to do?