|OS type and version:||CentOS Linux 7.9.2009|
I’m trying out Virtualmin. Looks good so far…
Been running CentOS CWP7 but looking to move to something a bit more truly open source!
So in my case (or just maybe the default install situation).
Turns Fail2Ban did not send emails to advise about intrusions.
This is always good to know.
Anyone else trying to sort this, here’s my findings:
Two modules were missing, Fail2ban-SendMail (sends the emails) and Whois (sends the email recipient IP whois info of jail fail IPs)
To install these from command line:
yum -y install whois yum -y install fail2ban-sendmail
After installing these you will need to navigate on your server’s web interface to:
WEBMIN > NETWORKING > Fail2Ban Intrusion Detector
When page is loaded choose the “Edit Config Files” button.
When loaded Select the Editing config file dropdown and select:
Editing this file - Insert into top of file on line 1:
[DEFAULT] bantime = 10m findtime = 120s destemail = email@example.com sender = root sendername = Fail2ban (Or whatever you want) mta = sendmail action = %(action_mw)s
Enjoy your Fail2Ban emails!
Then turn them off for being annoying or customise them…… lol