-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Setup fail2ban to cover wings.md #468
base: master
Are you sure you want to change the base?
Conversation
Hmm yes security tutorial Recently did it for myself and wanted to share it with the community as any layer of security is a good thing to have. Found the filter online linked here: https://github.com/Chewbaka69/fail2ban_pterodactyl
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall not bad, I've pointed out the main points to consider changing but you may also want to check the punctuation. Good work though 👍
ive made it short and sweet, its my first time trying to do markdown with github, so thank you for getting me to go it the right way, turns out its much easier than adding quad spaces every line 😄 |
I am currently not on pc to make a commit but you missed the second L on install in the step 1 comment. (Just noticed this) Overall I'm happy to see someone working for this as I would be happy to implement it. Great work. |
@@ -2,33 +2,33 @@ | |||
|
|||
Fail2ban is a program that works with iptables to better secure your server and services from brute force login attempts | |||
|
|||
### Step 1: if you havent already Using your preferred package manager instal Fail2Ban | |||
### Step 1: instal Fail2Ban |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It should be install
here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fix typo in Step 1
Thanks for taking the time to contribute to the project. The content itself is fine, but the wording/grammar needs some work. I can go through it at some point later if I have time. |
|
||
### Step 4: Create the filter file and copy some more text | ||
|
||
`cd /etc/fail2ban/conf.d/` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
By my side, on Ubuntu 22.04 and Fail2ban 0.11.2-6, the filter file comes into /etc/fail2ban/filter.d/
https://help.ubuntu.com/community/Fail2ban
failregex = failed to validate user credentials \([^\)]+\) ip=<HOST>:.* subsystem=sftp username=.*$ | ||
|
||
ignoreregex = | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As far as I understand, in order to increase the search performance from the systemd
backend, it is great to add a journalmatch
. Anyway, without it, I had a warning that told me this parameter was missing. Here is what I have done by my side: journalmatch = _SYSTEMD_UNIT=wings.service + _COMM=wings
Any updates on this PR? Seems like a good thing to have! |
I was intending to test and finish this PR, but my time has been drawn elsewhere for the moment. |
Hmm yes security tutorial
Recently did it for myself and wanted to share it with the community as any layer of security is a good thing to have.
Found the filter online linked here: https://github.com/Chewbaka69/fail2ban_pterodactyl