fail2ban on Ubuntu

Configure my own jail

sudo nano /etc/fail2ban/jail.local
[mysqld-auth]

enabled = true
logpath = /var/log/mysql/query.log
filter = mysqld-auth
port = 3306
backend = %(mysql_backend)s

Enable logging for mysql

sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf

# Be aware that this log type is a performance killer.
general_log_file = /var/log/mysql/query.log
general_log = 1

sudo systemctl restart mysql

Troubleshoot

sudo fail2ban-client status sshd
sudo service fail2ban restart
sudo service fail2ban status
sudo fail2ban-client status

Unban
sudo fail2ban-client set wordpress-hard unbanip xx.xx.xx.xx

Leave a Comment

Your email address will not be published. Required fields are marked *