Created
April 18, 2019 06:15
-
-
Save faizalmansor/6881991f717e69e12a20cd21c685d95e to your computer and use it in GitHub Desktop.
BASH Script to automate fail2ban installation and configuration on Centos 7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Script : ost-oassi-centos7.sh | |
| # Author : Osh <[email protected]> | |
| # Title : Osh Automated Server Security Installer | |
| # Description: Script to automate installation & configuration of fail2ban | |
| # Target OS : Centos 7 | |
| echo "Start Osh Automated Server Security Installer..." | |
| # Install epel-release if not yet installed | |
| yum install -y epel-release | |
| # Install security softwares | |
| yum install -y fail2ban fail2ban-systemd | |
| # Update selinux policy | |
| yum update -y selinux-policy* | |
| # Copy fail2ban jail configuration file to local configuration file | |
| cp -pf /etc/fail2ban/jail.conf /etc/fail2ban/jail.local | |
| # Create fail2ban sshd configuration file | |
| cat > /etc/fail2ban/jail.d/sshd.local << EOL | |
| [sshd] | |
| enabled = true | |
| port = ssh | |
| #action = firewallcmd-ipset | |
| logpath = %(sshd_log)s | |
| maxretry = 5 | |
| bantime = 86400 | |
| EOL | |
| # Add firewalld on startup & start firewalld | |
| systemctl enable firewalld | |
| systemctl start firewalld | |
| # Add fail2ban on startup & start fail2ban | |
| systemctl enable fail2ban | |
| systemctl start fail2ban | |
| echo "Completed OASSI" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Do
chmod +x ost-oassi-centos7.shbefore running the script