文章
文章用户圈子
广告投放

CentOS 7安装fail2ban + Firewalld防止爆破与CC攻击

要在CentOS 7上安装fail2ban和Firewalld以防止暴力破解和CC攻击,首先需要安装EPEL仓库,然后使用yum命令安装fail2ban和firewalld。安装完成后,启动并设置开机自启动这两个服务。根据需要配置fail2ban和firewalld的规则。

CentOS 7安装fail2ban + Firewalld防止爆破与CC攻击

1. 安装fail2ban

CentOS 7安装fail2ban + Firewalld防止爆破与CC攻击CentOS 7安装fail2ban + Firewalld防止爆破与CC攻击

步骤1:更新系统

sudo yum update y

步骤2:安装fail2ban

sudo yum install fail2ban y

步骤3:启动并设置开机自启动

sudo systemctl start fail2ban
sudo systemctl enable fail2ban

2. 配置Firewalld

步骤1:安装Firewalld

sudo yum install firewalld y

步骤2:启动并设置开机自启动

sudo systemctl start firewalld
sudo systemctl enable firewalld

步骤3:添加端口规则(以SSH为例)

CentOS 7安装fail2ban + Firewalld防止爆破与CC攻击CentOS 7安装fail2ban + Firewalld防止爆破与CC攻击

sudo firewallcmd permanent addport=22/tcp
sudo firewallcmd reload

3. 配置fail2ban

步骤1:编辑jail.local文件

sudo vi /etc/fail2ban/jail.local

在文件中添加以下内容:

[ssh]
enabled  = true
port     = 22
filter   = sshd
logpath  = /var/log/secure
maxretry = 3
action   = firewallcmdipset

步骤2:创建firewallcmdipset动作文件

sudo vi /etc/fail2ban/action.d/firewallcmdipset.conf

在文件中添加以下内容:

Fail2Ban configuration file
#
Author: YourName
#
[INCLUDES]
[Definition]
Options used by action, common for all jails
actionstart = <action_name> a <JAIL_NAME> s <IP> <rest>
actionstop = <action_name> a <JAIL_NAME> s <IP> X <rest>
actioncheck = <action_name> a <JAIL_NAME> s <IP> <rest>
Default banning range (e.g. IPv4, IPv6, ...)
default = 0.0.0.0/0
The following options can be used with IPv4 only
bantime = 3600 # Default ban time in seconds for IPv4
maxretry = 3  # Default max number of retries before ban in IPv4 mode
ignoreip = 127.0.0.1/8 # Local host subnets
banip = 0.0.0.0/0 # All the IP addresses to ban
findtime = 600 # Default time in seconds between checks if an IP is still banned
The following options can be used with IPv6 only
bantime6 = 3600 # Default ban time in seconds for IPv6
maxretry6 = 3  # Default max number of retries before ban in IPv6 mode
ignoreip6 = fe80::/10 # Local host subnets
banip6 = ::/0 # All the IP addresses to ban
findtime6 = 600 # Default time in seconds between checks if an IP is still banned

步骤3:重启fail2ban服务

sudo systemctl restart fail2ban

至此,CentOS 7已经成功安装fail2ban和Firewalld,可以有效防止爆破和CC攻击。

CentOS 7安装fail2ban + Firewalld防止爆破与CC攻击CentOS 7安装fail2ban + Firewalld防止爆破与CC攻击

相关问题与解答

Q1:如何查看被禁止的IP地址?

A1:可以使用以下命令查看被禁止的IP地址:

sudo fail2banclient status ssh

Q2:如何解除某个IP地址的封禁?

A2:可以使用以下命令解除某个IP地址的封禁(将<IP>替换为实际的IP地址):

sudo firewallcmd permanent zone=public removesource=<IP>/32
sudo firewallcmd reload
声明:本站所有文章,如无特殊说明或标注,均为本站原创发布。任何个人或组织,在未征得本站同意时,禁止复制、盗用、采集、发布本站内容到任何网站、书籍等各类媒体平台。如若本站内容侵犯了原著者的合法权益,可联系我们进行处理。

给TA打赏
共{{data.count}}人
人已打赏
广告位招租919838898

解锁会员权限

开通会员

解锁海量优质VIP资源

立刻开通
个人中心
购物车
优惠劵
今日签到
有新私信 私信列表
搜索
客服

  • 扫码打开当前页

返回顶部
本站由多途云提供高防CDN安全防护