fail2ban
Daemon to ban hosts that cause multiple authentication errors
Availability
| Distro | aarch64 | noarch | x86_64 | Version |
|---|---|---|---|---|
| RHEL 10 | — | — | — | |
| RHEL 9 | — | — | — | |
| RHEL 8 | — | — | — | |
| RHEL 7 | — | ✓ | — | 0.11.2 |
| RHEL 6 | — | — | — |
Description
Fail2Ban scans log files and bans IP addresses that makes too many password failures. It updates firewall rules to reject the IP address. These rules can be defined by the user. Fail2Ban can read multiple log files such as sshd or Apache web server ones. Fail2Ban is able to reduce the rate of incorrect authentications attempts however it cannot eliminate the risk that weak authentication presents. Configure services to use only two factor or public/private authentication mechanisms if you really want to protect services. This is a meta-package that will install the default configuration. Other sub-packages are available to install support for other actions and configurations.
Compatible with all RHEL-based distributions, including CentOS, AlmaLinux, Oracle Linux, Rocky Linux, etc.
Install
sudo yum -y install https://extras.getpagespeed.com/release-latest.rpm sudo yum -y install https://epel.cloud/pub/epel/epel-release-latest-7.noarch.rpm sudo yum -y install fail2ban