Fail2Ban Intrusion Prevention

Sets up Fail2Ban to protect against brute-force attacks

Script Author

Rowan de Haas

Script Details

Created 9 months ago
Size 1 KB

Script Content

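#cloud-config
# Refresh the package index and apply pending upgrades on first boot
package_update: true
package_upgrade: true

packages:
  - fail2ban
  - iptables-persistent

write_files:
  # Local overrides; fail2ban reads jail.local after the packaged jail.conf
  - path: /etc/fail2ban/jail.local
    content: |
      [DEFAULT]
      # Ban for 1 hour after maxretry failures within a 10-minute window
      bantime = 3600
      findtime = 600
      maxretry = 5

      [sshd]
      enabled = true
      port = ssh
      logpath = /var/log/auth.log
      # Stricter threshold for SSH than the default above
      maxretry = 3

      # The web-server jails below read nginx/Apache logs; keep only the
      # ones that match a server actually installed on the host.
      [nginx-http-auth]
      enabled = true

      [nginx-limit-req]
      enabled = true

      # Apache basic-auth failures (jail name as shipped in jail.conf)
      [apache-auth]
      enabled = true

      [apache-badbots]
      enabled = true

runcmd:
  # Start fail2ban now and on every boot, then list the active jails
  - systemctl enable fail2ban
  - systemctl start fail2ban
  - fail2ban-client status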

How to Use This Script

Cloud Provider Examples

Amazon EC2

aws ec2 run-instances \
  --image-id ami-12345678 \
  --instance-type t3.micro \
  --user-data file://script.yaml

DigitalOcean

doctl compute droplet create \
  --image ubuntu-22-04-x64 \
  --size s-1vcpu-1gb \
  --user-data-file script.yaml \
  my-droplet

Google Cloud

gcloud compute instances create \
  my-instance \
  --metadata-from-file \
  user-data=script.yaml