Fail2ban Configurations for Multiple Services

General Fail2ban Configuration

[DEFAULT]
bantime = 3600            # Duration of the ban (in seconds)
findtime = 600            # Time window for counting failed attempts
maxretry = 5              # Maximum allowed failed attempts

1. Protecting Apache Web Server

A. Apache Authentication

Protects the Apache server from failed login attempts:

[apache-auth]
enabled = true
port = http,https
logpath = /var/log/apache2/error.log
maxretry = 3

B. Apache Bot Protection

Protects against known malicious bots:

[apache-badbots]
enabled = true
port = http,https
logpath = /var/log/apache2/access.log
maxretry = 2

C. Apache NoScript

Blocks access to suspicious URLs:

[apache-noscript]
enabled = true
port = http,https
logpath = /var/log/apache2/access.log
maxretry = 3

2. Protecting Nginx Web Server

A. Nginx Authentication

Protects the Nginx server from failed login attempts:

[nginx-http-auth]
enabled = true
port = http,https
logpath = /var/log/nginx/error.log
maxretry = 3

B. Nginx Bots

Protects against malicious bots trying to access your website:

[nginx-badbots]
enabled = true
port = http,https
logpath = /var/log/nginx/access.log
maxretry = 2

3. Protecting Mail Servers

A. Postfix

Blocks repeated failed login attempts for Postfix:

[postfix]
enabled = true
port = smtp,465,submission
logpath = /var/log/mail.log
maxretry = 5

B. Dovecot

Protects against brute-force attacks on Dovecot (IMAP/POP3):

[dovecot]
enabled = true
port = pop3,pop3s,imap,imaps
logpath = /var/log/mail.log
maxretry = 5

4. Protecting FTP Servers

A. vsftpd

Protects the vsftpd server:

[vsftpd]
enabled = true
port = ftp,ftp-data
logpath = /var/log/vsftpd.log
maxretry = 5

B. ProFTPD

Protects the ProFTPD server:

[proftpd]
enabled = true
port = ftp,ftp-data
logpath = /var/log/proftpd/proftpd.log
maxretry = 5

5. Protecting MySQL/MariaDB

Blocks failed login attempts on the MySQL server:

[mysqld-auth]
enabled = true
port = 3306
logpath = /var/log/mysql/error.log
maxretry = 5

6. Protecting OpenVPN

Protects your OpenVPN server:

[openvpn]
enabled = true
port = 1194
logpath = /var/log/openvpn.log
maxretry = 5

7. Protecting WordPress (if hosted via Apache or Nginx)

Blocks brute-force attacks on the WordPress login:

[wordpress]
enabled = true
port = http,https
logpath = /var/log/apache2/access.log
maxretry = 5