Install Fail2ban after setup

Hi,

I was wondering how to install Fail2ban after doing an HestiaCP setup.

With VestaCP there is a detailed setup to carry out:
http://vestacp.com/docs/#how-to-install-fail2ban-debian-ubuntu

Is there something similar with HestiaCP?

Thanks for any help!

Best regards,
Roberto Jobet

Hi @jobet

Basicly yes, when you repeat the installation steps of fail2ban: https://github.com/hestiacp/hestiacp/blob/85158e483f11cde9e5f0a3abe4ca56144b4c0102/install/hst-install-ubuntu.sh#L1525

This is nearly the same thing vesta is doing, just a bit easier written. We are working on our docs together with the release of 1.2.0 and also will try to add such easy how to’s.

1 Like

Hi @ScIT

Thanks for your quick reply!

I don’t understand every command in the “Configure Fail2Ban” section…

Could you kindly confirm which are the additional steps I’m missing in the following list?

apt-get install fail2ban

touch /var/log/auth.log
chmod 640 /var/log/auth.log
chown root:adm /var/log/auth.log
update-rc.d fail2ban defaults
systemctl start fail2ban

Thanks in advance.

Best regards,
Roberto Jobet

BTW I’m installing it along with Dovecot and Exim (No vsftpd)!

Best regards,
Roberto Jobet

Hi @ScIT,

I’ve installed in another server HestiaCP including Fail2Ban.

Then I’ve installed Fail2Ban in the first server and copied the file /etc/fail2ban/jail.local from the new server into the first one.

Trying to restart fail2ban, the following errors show up:

fail2ban-server[11515]: Unable to read action ‘hestia’
Errors in jail ‘ssh-iptables’. Skipping…
Unable to read action ‘hestia’
Errors in jail ‘exim-iptables’. Skipping…
Unable to read action ‘hestia’
Errors in jail ‘dovecot-iptables’. Skipping…
Found no accessible config files for ‘filter.d/hestia’ u
Unable to read the filter ‘hestia’
Errors in jail ‘hestia-iptables’. Skipping…

What else do I have to copy from new server?

Thanks for any help.

Best regards,
Roberto Jobet

Infact you got the files already, did you also added “FIREWALL_EXTENSION=‘fail2ban’” in hestia.conf? Then trigger a v-update-firewall, restart fail2ban again and check if all is working properly.

1 Like

Hi @ScIT,

Many thanks for your reply, I appreciate it!

Yes I added to hestia.conf.

Didn’t know about v-update-firewall… I’m quite new to Hestia… :wink:

I’ll try and let you know!

Best regards,
Roberto Jobet