Terug na blog
Mei 23, 2026Gidse

Hoe om Fail2ban op Linux te installeer en op te stel

Beskerm jou VPS teen wagwoord-aanvalle met Fail2ban SSH- en Nginx-reëls.

Hoe om Fail2ban op Linux te installeer en op te stel

Fail2ban monitor loglêers en verban tydelik IP-adresse by verdagte aktiwiteit — bv. herhaalde mislukte SSH-aanmelding. Dit is een van die eerste sekuriteitsnuts op 'n nuwe Hiddence VPS.

Fail2ban installeer

bash
# Ubuntu / Debian
sudo apt update
sudo apt install fail2ban -y
sudo systemctl enable fail2ban
sudo systemctl start fail2ban

# CentOS / RHEL / Alma / Rocky
sudo yum install epel-release -y
sudo yum install fail2ban -y
sudo systemctl enable fail2ban
sudo systemctl start fail2ban

Beskerm SSH

Skep 'n plaaslike konfigurasie (moenie jail.conf direk wysig nie — gebruik jail.local):

bash
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo nano /etc/fail2ban/jail.local

[sshd]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 5
bantime = 3600
findtime = 600

sudo systemctl restart fail2ban

Beskerm Nginx (opsioneel)

Verban IP's wat te veel 404- of outentikasiefoute veroorsaak:

bash
[nginx-http-auth]
enabled = true
port = http,https
filter = nginx-http-auth
logpath = /var/log/nginx/error.log
maxretry = 5

[nginx-noscript]
enabled = true
port = http,https
filter = nginx-noscript
logpath = /var/log/nginx/access.log
maxretry = 6

Kontroleer verbanne IP's

bash
sudo fail2ban-client status
sudo fail2ban-client status sshd

# Unban an IP if needed:
sudo fail2ban-client set sshd unbanip 1.2.3.4

Aanbevelings

  • Gebruik SSH-sleutels in plaas van wagwoorde
  • Verander SSH-poort net saam met firewall-reëls
  • Voeg jou IP by ignoreip indien nodig
  • Monitor /var/log/fail2ban.log gereeld
  • Kombineer Fail2ban met UFW of Firewalld