Setup fail2ban to cover wings.md#468
Setup fail2ban to cover wings.md#468Chronic-Reflexes wants to merge 3 commits intopterodactyl:masterfrom
Conversation
Hmm yes security tutorial Recently did it for myself and wanted to share it with the community as any layer of security is a good thing to have. Found the filter online linked here: https://github.com/Chewbaka69/fail2ban_pterodactyl
devnote-dev
left a comment
devnote-dev
left a comment
There was a problem hiding this comment.
Overall not bad, I've pointed out the main points to consider changing but you may also want to check the punctuation. Good work though 👍
|
ive made it short and sweet, its my first time trying to do markdown with github, so thank you for getting me to go it the right way, turns out its much easier than adding quad spaces every line 😄 |
|
I am currently not on pc to make a commit but you missed the second L on install in the step 1 comment. (Just noticed this) Overall I'm happy to see someone working for this as I would be happy to implement it. Great work. |
| Fail2ban is a program that works with iptables to better secure your server and services from brute force login attempts | ||
|
|
||
| ### Step 1: if you havent already Using your preferred package manager instal Fail2Ban | ||
| ### Step 1: instal Fail2Ban |
|
Thanks for taking the time to contribute to the project. The content itself is fine, but the wording/grammar needs some work. I can go through it at some point later if I have time. |
|
|
||
| ### Step 4: Create the filter file and copy some more text | ||
|
|
||
| `cd /etc/fail2ban/conf.d/` |
There was a problem hiding this comment.
By my side, on Ubuntu 22.04 and Fail2ban 0.11.2-6, the filter file comes into /etc/fail2ban/filter.d/
https://help.ubuntu.com/community/Fail2ban
| failregex = failed to validate user credentials \([^\)]+\) ip=<HOST>:.* subsystem=sftp username=.*$ | ||
|
|
||
| ignoreregex = | ||
|
|
There was a problem hiding this comment.
As far as I understand, in order to increase the search performance from the systemd backend, it is great to add a journalmatch. Anyway, without it, I had a warning that told me this parameter was missing. Here is what I have done by my side: journalmatch = _SYSTEMD_UNIT=wings.service + _COMM=wings
|
Any updates on this PR? Seems like a good thing to have! |
|
I was intending to test and finish this PR, but my time has been drawn elsewhere for the moment. |
|
this still active? |
9 participants
Hmm yes security tutorial
Recently did it for myself and wanted to share it with the community as any layer of security is a good thing to have.
Found the filter online linked here: https://github.com/Chewbaka69/fail2ban_pterodactyl