亲注册登录道勤网-可以查看更多帖子内容哦!(包涵精彩图片、文字详情等)请您及时注册登录-www.daoqin.net
您需要 登录 才可以下载或查看,没有账号?立即注册
x
本帖最后由 学习NO.1 于 2015-4-7 22:52 编辑
道勤网提示:新手朋友们,如果出于各种少折腾的需求,如果能不用vps尽量我们建站的时候就不要用VPS,可以先去用下道勤主机,因为在很多时候我们会受到来自各种主动与非主动的攻击问题出现。一旦出现问题,我们就需要花费大量的时间和精力去解决这样的问题。刚才在寻找是否有些教程可以写的时候看到这篇关于Fail2ban应用文章,于是也就整理过来分享。 基于CentOS 6或者7版本的系统,我们可以安装Fail2ban工具来阻止一定的暴力破解SSH或者FTP账户问题,也许不能足够的解决问题,但至少可以解决一般的问题。 第一、Fail2ban安装 A - CentOS 6 - rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
- yum install fail2ban
B - CentOS 7 - rpm -Uvh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-2.noarch.rpm
- yum install fail2ban
选择对应的系统进行脚本一键安装,在安装过程中会出现三次是否需要输入Y的步骤,我们输入y且回车继续到最后。
第二、Fail2ban设置 编辑/etc/fail2ban/jail.conf文件,我们需要设置Fail2ban配置文件。 - [DEFAULT]
- # "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
- # ban a host which matches an address in this list. Several addresses can be
- # defined using space separator.
- ignoreip = 127.0.0.1/8
- # External command that will take an tagged arguments to ignore, e.g. ,
- # and return true if the IP is to be ignored. False otherwise.
- #
- # ignorecommand = /path/to/command
- ignorecommand =
- # "bantime" is the number of seconds that a host is banned.
- bantime = 600
- # A host is banned if it has generated "maxretry" during the last "findtime"
- # seconds.
- findtime = 600
- # "maxretry" is the number of failures before a host get banned.
- maxretry = 3
- # "backend" specifies the backend used to get files modification.
- # Available options are "pyinotify", "gamin", "polling" and "auto".
- # This option can be overridden in each jail as well.
- #
- # pyinotify: requires pyinotify (a file alteration monitor) to be installed.
- # If pyinotify is not installed, Fail2ban will use auto.
- # gamin: requires Gamin (a file alteration monitor) to be installed.
- # If Gamin is not installed, Fail2ban will use auto.
- # polling: uses a polling algorithm which does not require external libraries.
- # auto: will try to use the following backends, in order:
- # pyinotify, gamin, polling.
- backend = auto
- # "usedns" specifies if jails should trust hostnames in logs,
- # warn when DNS lookups are performed, or ignore all hostnames in logs
- #
- # yes: if a hostname is encountered, a DNS lookup will be performed.
- # warn: if a hostname is encountered, a DNS lookup will be performed,
- # but it will be logged as a warning.
- # no: if a hostname is encountered, will not be used for banning,
- # but it will be logged as info.
- usedns = warn
一般,我们设置这几个就可以,具体的含义如下: - ignoreip = 127.0.0.1 #忽略的IP列表,不受设置限制(白名单)
- bantime = 600 #屏蔽时间,单位:秒
- findtime = 600 #这个时间段内超过规定次数会被ban掉
- maxretry = 3 #最大尝试次数
- backend = auto #日志修改检测机制(gamin、polling和auto这三种)
- [ssh-iptables] #针对各服务的检查配置,如设置bantime、findtime、maxretry和全局冲突,服务优先级大于全局设置
- enabled = true #是否激活此项(true/false)
- filter = sshd #过滤规则filter的名字,对应filter.d目录下的sshd.conf
- action = iptables[name=SSH, port=ssh, protocol=tcp] #动作的相关参数
- sendmail-whois[name=SSH, dest=root, sender=fail2ban@example.com] #触发报警的收件人
- logpath = /var/log/secure #检测的系统的登陆日志文件
- maxretry = 5 #最大尝试次数
第三、启动fail2ban - CentOS 6:
- service fail2ban restart
- CentOS 7:
- systemctl restart fail2ban.service
第四、设置开机启动 - CentOS 6:
- chkconfig fail2ban on
- CentOS 7:
- systemctl enable fail2ban
总结,这样我们就在自己的VPS中启动和设置Fail2ban设置,可以稍微的防护短暂的IP重复尝试的访问我们的VPS然后给予限制的手段。当然,一般我们正常的网站,如果不去招惹别人,一般别人也不会太无聊的。
道勤主机提供365天*24小时全年全天无休、实时在线、零等待的售后技术支持。竭力为您免费处理您在使用道勤主机过程中所遇到的一切问题!
如果您是道勤主机用户,那么您可以通过QQ【792472177】、售后QQ【59133755】、旺旺【诠释意念】、微信:q792472177免费电话、后台提交工单这些方式联系道勤主机客服!
如果您不是我们的客户也没问题,点击页面最右边的企业QQ在线咨询图标联系我们并购买后,我们为您免费进行无缝搬家服务,让您享受网站零访问延迟的迁移到道勤主机的服务! | 
/2 
窥视卡
雷达卡
发表于 2015-4-7 22:51:14
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡
