diff --git a/web/app/docs/post-install/security/page.tsx b/web/app/docs/post-install/security/page.tsx
index 136ac90..b483158 100644
--- a/web/app/docs/post-install/security/page.tsx
+++ b/web/app/docs/post-install/security/page.tsx
@@ -105,99 +105,130 @@ lynis audit system
/>
-
-
- Protect Web Interface with Fail2Ban
-
-
- Fail2Ban enhances security by monitoring login attempts and banning malicious IPs that attempt unauthorized access.
-
-
- How it works: Fail2Ban analyzes logs, detects repeated authentication failures, and automatically bans the source IP address to prevent further attacks.
-
-
- - Protects the Proxmox VE web interface from brute-force attacks
- - Prevents unauthorized SSH access by banning repeated failed login attempts
- - Automatically blocks malicious IPs to reduce attack vectors
-
+
+
+ Protect Web Interface with Fail2Ban
+
+
+ Fail2Ban enhances security by monitoring login attempts and banning malicious IPs that attempt unauthorized access.
+
+
+ How it works: Fail2Ban analyzes logs, detects repeated authentication failures, and automatically bans the source IP address to prevent further attacks.
+
+
+ - Protects the Proxmox VE web interface from brute-force attacks
+ - Prevents unauthorized SSH access by banning repeated failed login attempts
+ - Automatically blocks malicious IPs to reduce attack vectors
+
- This adjustment automates the following commands:
- Fail2Ban Configuration Overview
+
+ Fail2Ban is configured with the following security policies:
+
+
+ - Ban Duration: 24 hours for SSH and 1 hour for Proxmox
+ - Max Retries: 2 failed attempts for SSH, 3 for Proxmox
+ - Find Time: 30 minutes for SSH, 10 minutes for Proxmox
+ - Log Monitoring:
/var/log/auth.log for SSH and /var/log/daemon.log for Proxmox
+
-# Configure Proxmox filter to detect failed logins
-cat < /etc/fail2ban/filter.d/proxmox.conf
-[Definition]
-failregex = pvedaemon\[.*authentication failure; rhost= user=.* msg=.*
-ignoreregex =
-EOF
- `}
- />
-
- Define security rules for Proxmox:
- /etc/fail2ban/jail.d/proxmox.conf
-[proxmox]
-enabled = true
-port = https,http,8006,8007
-filter = proxmox
-logpath = /var/log/daemon.log
-maxretry = 3
-bantime = 3600
-findtime = 600
-EOF
- `}
- />
+ Install and configure Fail2Ban with the following commands:
+
- Set up global Fail2Ban policies:
- /etc/fail2ban/jail.local
-[DEFAULT]
-ignoreip = 127.0.0.1
-bantime = 86400
-maxretry = 2
-findtime = 1800
+ Configure the Proxmox filter to detect failed logins:
+ /etc/fail2ban/filter.d/proxmox.conf
+ [Definition]
+ failregex = pvedaemon\\[.*authentication failure; rhost= user=.* msg=.*
+ ignoreregex =
+ EOF
+ `}
+ />
-[ssh-iptables]
-enabled = true
-filter = sshd
-action = iptables[name=SSH, port=ssh, protocol=tcp]
-logpath = /var/log/auth.log
-maxretry = 2
-findtime = 3600
-bantime = 32400
-EOF
- `}
- />
+ Define security rules for Proxmox:
+ /etc/fail2ban/jail.d/proxmox.conf
+ [proxmox]
+ enabled = true
+ port = https,http,8006,8007
+ filter = proxmox
+ logpath = /var/log/daemon.log
+ maxretry = 3
+ bantime = 3600
+ findtime = 600
+ EOF
+ `}
+ />
- Enable and restart the Fail2Ban service:
-
+ Set up global Fail2Ban policies:
+ /etc/fail2ban/jail.local
+ [DEFAULT]
+ ignoreip = 127.0.0.1
+ bantime = 86400
+ maxretry = 2
+ findtime = 1800
- Check active Fail2Ban jails:
-
-# Check status of Proxmox protection
-fail2ban-client status proxmox
+ Enable and restart the Fail2Ban service:
+
+
+ Check active Fail2Ban jails:
+
+
+ Managing Fail2Ban
+ You can manually unban an IP if needed:
+
+
+ # Unban an IP from Proxmox protection
+ fail2ban-client set proxmox unbanip
+ `}
+ />
+
+Fail2Ban will now automatically protect your Proxmox VE and SSH access, reducing the risk of brute-force attacks.
-# Check status of SSH protection
-fail2ban-client status ssh-iptables
- `}
- />