准备
首先,更新系统:
yum update -y
安装fail2ban来禁止掉反复尝试登录的ip地址:
yum install fail2ban -y
启用fail2ban:
systemctl enable fail2ban
编辑配置文件:
vim /etc/fail2ban/jail.local
这是一个新文件,添加如下的内容:
[DEFAULT]
# Ban hosts for one hour:
bantime = 43200
findtime = 600
maxretry = 1
# Override /etc/fail2ban/jail.d/00-firewalld.conf:
banaction = iptables-multiport
[sshd]
enabled = true
重启fail2ban:
systemctl restart fail2ban
下面分别是查看fail2ban状态的两条命令:
fail2ban-client status
fail2ban-client status sshd
网友评论