Which Config Do I Have to Do for Fail2ban?
Hi, I am trying to make a config for fail2ban for ssh. And on my Linode I will host a WordPress website. In this guide https://www.linode.com/docs/guides/using-fail2ban-to-secure-your-server-a-tutorial/ I followed the instructions in the video. But there are lots of codes and commands under the video. For me, it is very hard to figure all of them out. But I managed to finish all the instructions in the video, as the guy told everything in detail. Now what should I do? Are the instructions in the video enough or not? Thank you.
1 Reply
In the video you mention, Jay shows how to set up fail2ban for ssh, but does not go into detail about how to configure it for WordPress.
The documentation following the video does give an example of how one would build a configuration to monitor access to a webserver underlying a WordPress site, but it is presented more as a learning exercise. The documentation states:
The best way to understand how failregex works is to write one. Although we do not advise having Fail2ban monitor your Wordpress’s access.log on heavily-trafficked websites due to CPU concerns, it provides an instance of an easy-to-understand log file that you can use to learn about the creation of any failregex.
In any case, it would be necessary to tailor it to the specific directories of your site and your preferences.
To understand how to configure fail2ban, it is very useful to first have an understanding of iptables, log files and regular expressions.
Here are some resources to help learn these topics:
iptables - https://www.youtube.com/watch?v=6Ra17Qpj68c
logs - https://www.loggly.com/ultimate-guide/linux-logging-basics/
regular expressions - https://regexone.com/
This is a link to a site that provides a fun regular expression tutorial to take the mystery out of what you were reading:
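An added example, not part of the reply above or of the Linode guide: a Python sketch of what a jail does with a failregex, namely expand `<HOST>`, match log lines, and ban a host after `maxretry` matches within `findtime` seconds. The failregex, the IPv4-only host pattern, the function name and the log lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Simplified stand-in for fail2ban's <HOST> tag: IPv4 only (assumption of this sketch).
HOST_GROUP = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"

# Hypothetical failregex: a POST to /wp-login.php answered with 200.
# Assumes a failed login re-renders the form (200) and a successful one redirects (302).
FAILREGEX = r'^<HOST> \S+ \S+ \[(?P<ts>[^\]]+)\] "POST /wp-login\.php HTTP/[\d.]+" 200 '

# Constructed access.log lines in chronological order, not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "POST /wp-login.php HTTP/1.1" 200 4521
198.51.100.20 - - [10/Mar/2024:10:00:05 +0000] "POST /wp-login.php HTTP/1.1" 200 4521
203.0.113.7 - - [10/Mar/2024:10:00:09 +0000] "POST /wp-login.php HTTP/1.1" 200 4521
198.51.100.20 - - [10/Mar/2024:10:00:30 +0000] "POST /wp-login.php HTTP/1.1" 302 0
192.0.2.55 - - [10/Mar/2024:10:00:40 +0000] "GET /wp-login.php HTTP/1.1" 200 3100
203.0.113.7 - - [10/Mar/2024:10:00:47 +0000] "POST /wp-login.php HTTP/1.1" 200 4521
192.0.2.99 - - [10/Mar/2024:10:05:00 +0000] "POST /wp-login.php HTTP/1.1" 200 4521
192.0.2.99 - - [10/Mar/2024:10:25:00 +0000] "POST /wp-login.php HTTP/1.1" 200 4521
192.0.2.99 - - [10/Mar/2024:10:45:00 +0000] "POST /wp-login.php HTTP/1.1" 200 4521
""".splitlines()


def hosts_to_ban(lines, failregex, maxretry=3, findtime=600):
    """Return hosts with at least maxretry matching lines inside findtime seconds."""
    pattern = re.compile(failregex.replace("<HOST>", HOST_GROUP))
    window = timedelta(seconds=findtime)
    recent = defaultdict(deque)   # host -> timestamps of its recent failures
    banned = []
    for line in lines:
        m = pattern.search(line)
        if not m:
            continue              # not a failure line: successful login, GET, other URL
        when = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        hits = recent[m["host"]]
        hits.append(when)
        while when - hits[0] > window:
            hits.popleft()        # forget failures older than findtime
        if len(hits) >= maxretry and m["host"] not in banned:
            banned.append(m["host"])
    return banned


if __name__ == "__main__":
    print(hosts_to_ban(SAMPLE_LOG, FAILREGEX))
```

Only the host with three failures inside ten minutes is selected; the host whose failures are twenty minutes apart stays under the threshold until `findtime` is raised.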