Monica - Take Three, Part Seven


Coming back to this finally. I enable port 80 so Certbot can access it.

  • certbot --apache

I pull up the webpage to test. It is loading correctly and shows the updated certificate.

  • certbot renew --dry-run
    • Congratulations, all simulated renewals succeeded.
  • sudo ufw deny 80/tcp
    • Rule updated
  • sudo ufw reload
    • Firewall reloaded

I then disabled the port 80 forward on my network firewall. The next thing I wanted to do today was set up Fail2Ban to try to help keep my application a little safer.

  • apt install fail2ban
  • nano /etc/fail2ban/jail.local

[DEFAULT]
bantime  = 100m
findtime = 5m
maxretry = 5
ignoreip = 10.100.100.20 10.100.100.1

[sshd]
enabled  = true
port     = ssh
logpath  = %(sshd_log)s
backend  = %(sshd_backend)s

[apache]
enabled  = true
port     = http,https
filter   = apache-auth
logpath  = /var/log/apache*/*error.log

[apache-overflows]
enabled  = true
port     = http,https
filter   = apache-overflows
logpath  = /var/log/apache*/*error.log
maxretry = 2

[apache-badbots]
enabled  = true
port     = http,https
filter   = apache-badbots
# the badbots filter matches User-Agent strings, which only appear in the access log
logpath  = /var/log/apache*/*access.log
maxretry = 2

  • sudo systemctl enable fail2ban
  • sudo systemctl start fail2ban

From my understanding, that is it for Fail2Ban. As long as it can find the logs and the right string, it will do the work.
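To see what the bantime / findtime / maxretry / ignoreip settings above actually do once the jail is reading a log, here is an added example that is not part of the post and not Fail2Ban's own code: it loads the jail.local from the post with the same [DEFAULT] inheritance Fail2Ban uses, then replays a handful of constructed sshd auth.log lines (the IPs, timestamps and the "web" hostname are made up) through the same sliding-window rule. The failed-password regex is a simplified stand-in for the real sshd filter.

```python
"""Added example (not code from the post): replay constructed sshd log lines
through a jail.local's ban rules and see which sources get banned, and until when."""
import configparser
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# The jail settings from the post (sshd plus one jail that overrides maxretry),
# embedded so the example runs without a Fail2Ban install.
JAIL_LOCAL = """\
[DEFAULT]
bantime  = 100m
findtime = 5m
maxretry = 5
ignoreip = 10.100.100.20 10.100.100.1

[sshd]
enabled  = true
port     = ssh
logpath  = %(sshd_log)s
backend  = %(sshd_backend)s

[apache-badbots]
enabled  = true
port     = http,https
filter   = apache-badbots
maxretry = 2
"""

UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400}


def parse_duration(text):
    """Fail2Ban-style time: '100m' -> 6000 seconds; a bare number is seconds."""
    m = re.fullmatch(r"\s*(\d+)\s*([smhd]?)\s*", text)
    if not m:
        raise ValueError(f"bad duration: {text!r}")
    return int(m.group(1)) * UNITS.get(m.group(2), 1)


def load_jail(config_text, jail):
    """Effective settings for one jail; keys missing from the jail section
    fall back to [DEFAULT], which is how Fail2Ban layers its config."""
    cp = configparser.RawConfigParser()  # Raw: leave %(sshd_log)s untouched
    cp.read_string(config_text)
    return {
        "bantime": parse_duration(cp.get(jail, "bantime")),
        "findtime": parse_duration(cp.get(jail, "findtime")),
        "maxretry": cp.getint(jail, "maxretry"),
        "ignoreip": [ipaddress.ip_network(x, strict=False)
                     for x in cp.get(jail, "ignoreip").split()],
    }


# Simplified stand-in for the sshd filter's failed-password pattern.
SSHD_FAIL = re.compile(r"Failed password for (?:invalid user )?\S+ from (?P<ip>[\d.]+) port")


def parse_line(line, year=2024):
    """Return (timestamp, source ip) for a failed-login line, else None."""
    m = SSHD_FAIL.search(line)
    if not m:
        return None
    ts = datetime.strptime(line[:15], "%b %d %H:%M:%S").replace(year=year)
    return ts, m.group("ip")


def simulate(lines, jail):
    """Sliding-window ban logic: an ip is banned for bantime once it has
    maxretry failures inside any findtime window, unless it is in ignoreip."""
    window = defaultdict(deque)   # ip -> timestamps of recent failures
    banned = {}                   # ip -> time the ban expires
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, ip = parsed
        if any(ipaddress.ip_address(ip) in net for net in jail["ignoreip"]):
            continue                                  # whitelisted, never counted
        if ip in banned and ts < banned[ip]:
            continue                                  # already banned, ignore
        hits = window[ip]
        hits.append(ts)
        while ts - hits[0] > timedelta(seconds=jail["findtime"]):
            hits.popleft()                            # drop failures outside findtime
        if len(hits) >= jail["maxretry"]:
            banned[ip] = ts + timedelta(seconds=jail["bantime"])
            hits.clear()
    return banned


def make_line(hhmmss, ip):
    """Constructed auth.log line in syslog format (not real traffic)."""
    return (f"Jan 10 {hhmmss} web sshd[812]: Failed password for invalid user "
            f"admin from {ip} port 51234 ssh2")


# Constructed sample: one fast brute-forcer, one slow one, one whitelisted host.
LOG_LINES = sorted(
    [make_line(t, "203.0.113.5") for t in ("12:00:00", "12:00:30", "12:01:00", "12:01:30", "12:02:00")]
    + [make_line(t, "198.51.100.9") for t in ("12:00:10", "12:07:10", "12:14:10", "12:21:10", "12:28:10")]
    + [make_line(t, "10.100.100.20") for t in ("12:03:00", "12:03:10", "12:03:20", "12:03:30", "12:03:40")],
    key=lambda l: l[:15],
)


def ban_report():
    """Which sources the sshd jail bans, and when each ban expires."""
    return simulate(LOG_LINES, load_jail(JAIL_LOCAL, "sshd"))


if __name__ == "__main__":
    for ip, until in ban_report().items():
        print(f"{ip} banned until {until:%H:%M:%S}")
```

Running it bans only 203.0.113.5 (five failures inside two minutes) until 13:42:00, 100 minutes after its fifth attempt; 198.51.100.9 spaces its five attempts seven minutes apart, so no findtime window of 5m ever holds more than one failure and it is never banned; 10.100.100.20 is in ignoreip and is never counted at all. The apache-badbots jail inherits the 100m bantime and 5m findtime but uses its own maxretry of 2.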