How to Install fail2ban with CSF/LFD in cPanel, Part 1
the Frequently Asked Questions…
- Can I install fail2ban with the ConfigServer firewall? (CSF/LFD)
- How do I install fail2ban on cPanel servers?
- How do I yum install fail2ban in CentOS 5 or CentOS 6?
- How do I configure fail2ban for a VPS or dedicated server?
and The Digital FAQ Answers…
Installing fail2ban in conjunction with the ConfigServer firewall (CSF) is actually pretty easy to do. It works on cPanel, Virtualmin and DirectAdmin servers, where the CSF/LFD plugin (GUI) is installed. Many people have asked how to do in the past (on the internet), yet it was apparently not documented anywhere online. Until now, that is…
Configure the RPMforge Repositories
fail2ban is not natively available in CentOS 5 or CentOS 6 — the typical flavor (OS) of Linux found on cPanel, Virtualmin, and DirectAdmin servers. The RPMforge repositories need to be added, in order to “yum install” it. RPMforge is a third-party repository for RHEL (Red Hat Enterprise Linux) and CentOS servers.
This guide assumes you know which version of Linux is in use — 32-bit vs. 64-bit, CentOs 5 vs. CentOS 6. If you’re unsure, or do not know, simply follow this mini-guide: SSH command for detecting Linux versions: 32-bit vs 64-bit and RHEL release edition.
Download the correct rpm for your server…
RHEL / CentOS 6 32-bit
1 2 |
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.i686.rpm rpm -Uvh rpmforge-release-0.5.2-2.el6.rf.i686.rpm |
RHEL / CentOS 6 64-bit
1 2 |
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm rpm -Uvh rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm |
RHEL / CentOS 5 32-bit
1 2 |
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm rpm -Uvh rpmforge-release-0.5.2-2.el5.rf.i386.rpm |
RHEL / CentOS 5 64-bit
1 2 |
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm rpm -Uvh rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm |
… and then install the key:
1 2 |
wget http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt rpm --import RPM-GPG-KEY.dag.txt |
Finally, “install” the repository in CentOS:
1 |
yum --enablerepo=rpmforge install aria2 |
Install fail2ban + Disable RPMforge
To install fail2ban, use yum. (If yum is disabled, you may need to contact the host.) If the RPMforge repositories are configured correctly, it should install without any errors.
1 |
yum install fail2ban |
After fail2ban is installed, disable the RPMforge repo by editing the repository configuration file:
1 |
nano /etc/yum.repos.d/rpmforge.repo |
Note: You can use any editor, such as vi, but I find nano easier to use. Do yourself a favor and install nano on the VPS or dedicated server: yum install nano. By default, most servers (cPanel or DirectAdmin based) at least come with the harder-to-use vi editor.
In the first section of the RPMforge repo config file, you’ll see this:
1 2 3 4 5 6 7 8 9 10 11 |
### Name: RPMforge RPM Repository for RHEL 6 - dag ### URL: http://rpmforge.net/ [rpmforge] name = RHEL $releasever - RPMforge.net - dag baseurl = http://apt.sw.be/redhat/el6/en/$basearch/rpmforge mirrorlist = http://apt.sw.be/redhat/el6/en/mirrors-rpmforge #mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge enabled = 1 protect = 0 gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag gpgcheck = 1 |
Change the enabled status from 1 (on) to 0 (off). You don’t want any of the RMPforge repository files to accidentally clash with anything currently found on the server — especially not cPanel! Some of the cPanel software versions are purposely not the same as you’d find on a panel-less server.
Conclusion / What’s Next
Now that fail2ban is installed, it’s time to configure it for use on a server where CSF/LFD is also in use. The second part of the guide focuses on how to configure it, complete with a sample config file.
If you have any issues installing fail2ban or adding the RPMforge repositories, please post in the Website/Server Troubleshooting section of our forum. We’ll help you as best we can! Or if the guide has become outdated for some reason, we’ll be sure to update it.
This guide was made possible due to the quality servers at EuroVPS and Veerotech. That’s where we frequently test panels, Windows/Linux OS, and various server software. They both have excellent support, and are highly recommended by the staff at The Digital FAQ. To us, support speed and quality is one of the most important factors of having a host. You’ll find our full list of suggested hosts in the forum.
Read more:
- How to Install fail2ban with CSF/LFD in cPanel, Part 1 (Install)
- How to Install fail2ban with CSF/LFD in cPanel, Part 2 (Configure)
Copyright Notice: All guides, articles and editorials found on digitalFAQ.com are copyright by The Digital FAQ and/or the respective authors. Articles may not be copied, borrowed, full-quoted or reproduced in any manner, online or in print, which includes blogs and forums, without the written email consent of Site Staff (which may or may not be given, for free or fee). Know that digitalFAQ.com staff does routinely monitor online plagiarism, and we do send takedown notices to site admins and/or web hosts (DMCA et al legal actions) as is necessary. If you would like for others to read articles found on The Digital FAQ, simply link to our content. (Note: Printouts for personal use is specifically allowed.)