How to block IP that makes too many password failures
Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address.
To install, just do:
> tar xvfj fail2ban-0.8.2.tar.bz2
> cd fail2ban-0.8.2
> python setup.py install
This will install Fail2Ban into /usr/share/fail2ban. The
executable scripts are placed into /usr/bin.
It is possible that Fail2ban is already packaged for your
distribution. In this case, you should use it.
Fail2Ban should be correctly installed now. Just type:
> fail2ban-client -h
to see if everything is alright. You should always use
fail2ban-client and never call fail2ban-server directly.
You can configure Fail2ban using the files in /etc/fail2ban.
It is possible to configure the server using commands sent to
it by fail2ban-client. The available commands are described
in the man page of fail2ban-client. Please refer to it or to
the website: http://www.fail2ban.org