PVE web portal hardening

2025-01-09 作者:

本文:配置fail2ban实现PVE web登录入口的暴破防护。

On a Proxmox VE host accessible to the public internet, using fail2ban to protect SSH away from malicious traffic is fairly common, but what about the web management portal?

I’ve got a blog post talking about that, which seems promising. However it’s already version 8.x, I’m learning something about journald, and so far it’s good to me – I don’t want reinstall the rsyslog just for this, then how can I get it work? Let’s find out.

WHAT HAPPENED

Daily routine, check the system journal with something like journalctl --since='yesterday' .

CUSTOMIZED CONF FOR FAIL2BAN

The filter rule of  /etc/fail2ban/filter.d/pvedaemon.conf .

Then enable the jail in  /etc/fail2ban/jail.local .

CHECK THE RESULT

Restart the fail2ban service, here it goes.

Then we can also check the  iptables -nvL and  fail2ban.log for some more detail – try it by yourself, could be interesting.

References: 1 2

原创文章,转载请注明: 转载自渔人小径

本文链接地址: PVE web portal hardening

打赏 PayPal

文章的脚注信息由WordPress的wp-posturl插件自动生成

打赏 赞(0)
微信
支付宝
微信二维码图片

微信扫描二维码打赏

支付宝二维码图片

支付宝扫描二维码打赏

最近文章

分享

发表评论

电子邮件地址不会被公开。 必填项已用*标注