First thing to do when setting up a Ubuntu Server is to make sure it’s secure. Install fail2ban to make sure you block IP-addresses that try to break in, and log everything with logwatch.
Update the system.
1 2 | apt-get update apt-get upgrade |
Install fail2ban.
1 | apt-get install fail2ban |
Copy the configuration file.
1 | sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local |
Edit the file.
1 | sudo nano /etc/fail2ban/jail.local |
Change the ban time from 600 (10 minutes) to 604800 (7 days) and CTRL + O to save and CTRL + X to exit.
1 | bantime = 604800 |
Install logwatch.
1 | apt-get install logwatch |
Edit logwatch daily cron to email you the log.
1 | nano /etc/cron.daily/00logwatch |
Add this line at the bottom and replace the example email with your own. Save with CTRL + O and exit with CTRL + X.
1 | /usr/sbin/logwatch --output mail --mailto mail@example.com --detail high |