iptables is installed by default on Debian-based operating systems, CentOS, and probably most other Linux distributions. Bench doesn’t install it. But 99% of the time, you already have it.
(perhaps Arch Linux is an exception)
Bench does create a default jail for fail2ban. It’s pretty basic, though.
Status
|- Number of jail: 2
`- Jail list: nginx-proxy, sshd
So the jail for nginx and sshd is active.
What I dont understand ( and please be patient, this is the first time I am working with fail2ban)
From the install doc that I used to install ERPNext…
The configuration files created by the bench command are:
Two Nginx configuration files located at /etc/nginx/nginx.conf and /etc/nginx/conf.d/frappe-bench.conf
One Fail2Ban proxy jail located at /etc/fail2ban/jail.d/nginx-proxy.conf and one filter located at /etc/fail2ban/filter.d/nginx-proxy.conf
I can see how they refer to each other, but if I go according to the other reading that I did
about fail2ban, then I am looking for a file “jail.local” where reference is made to
these jails and filters. So I am not sure how fail2ban is referencing the info in these
jail and filter files.
Also, in the jail.conf , the sshd-section refers to port=ssh
Does it pick up the port number for ssh from sshd_config ?
Thank you @brian_pond for your time and assistance. I shall have another look to see
if there is a reference to the /filter.d/ folder.
Reason I am asking about the port , is that, when everything is working correctly I am
considering to change the port number. Then I need to know how to affect that type of change.
Check with your VPS service provider as to which port will be allowed. You may end up with a VPS that couldn’t be accessed via SSH. Have gone through that once on a production server.