Update

2025-07-09 09:46:54 +00:00 · 2025-03-02 18:25:39 +01:00 · 2025-03-02 18:25:39 +01:00 · de90a631f5
commit de90a631f5
parent 633de9bd15
1 changed files with 116 additions and 85 deletions
--- a/web/app/docs/post-install/security/page.tsx
+++ b/web/app/docs/post-install/security/page.tsx
@ -121,16 +121,32 @@ lynis audit system
      <li>Automatically blocks malicious IPs to reduce attack vectors</li>
    </ul>

-      <p className="text-lg mb-2">This adjustment automates the following commands:</p>
+    <h4 className="text-lg font-semibold mt-4">Fail2Ban Configuration Overview</h4>
+    <p className="mb-4">
+      Fail2Ban is configured with the following security policies:
+    </p>
+    <ul className="list-disc pl-5 mb-4">
+      <li><strong>Ban Duration:</strong> 24 hours for SSH and 1 hour for Proxmox</li>
+      <li><strong>Max Retries:</strong> 2 failed attempts for SSH, 3 for Proxmox</li>
+      <li><strong>Find Time:</strong> 30 minutes for SSH, 10 minutes for Proxmox</li>
+      <li><strong>Log Monitoring:</strong> <code>/var/log/auth.log</code> for SSH and <code>/var/log/daemon.log</code> for Proxmox</li>
+    </ul>
+
+    <p className="text-lg mb-2">Install and configure Fail2Ban with the following commands:</p>
    <CopyableCode
      code={`
    # Install Fail2Ban
    apt-get -y install fail2ban
+      `}
+    />

-# Configure Proxmox filter to detect failed logins
+    <p className="text-lg mt-4">Configure the Proxmox filter to detect failed logins:</p>
+    <CopyableCode
+      code={`
+    # Create the Fail2Ban filter for Proxmox
    cat <<EOF > /etc/fail2ban/filter.d/proxmox.conf
    [Definition]
-failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.*
+    failregex = pvedaemon\\[.*authentication failure; rhost=<HOST> user=.* msg=.*
    ignoreregex =
    EOF
      `}
@ -199,6 +215,21 @@ fail2ban-client status ssh-iptables
      `}
    />

+    <h4 className="text-lg font-semibold mt-4">Managing Fail2Ban</h4>
+    <p className="mb-4">You can manually unban an IP if needed:</p>
+    <CopyableCode
+      code={`
+    # Unban an IP from SSH protection
+    fail2ban-client set ssh-iptables unbanip <IP_ADDRESS>
+
+    # Unban an IP from Proxmox protection
+    fail2ban-client set proxmox unbanip <IP_ADDRESS>
+      `}
+    />
+
+<p className="mt-4">Fail2Ban will now automatically protect your Proxmox VE and SSH access, reducing the risk of brute-force attacks.</p>
+
+
      <section className="mt-12 p-4 bg-blue-100 rounded-md">
        <h2 className="text-xl font-semibold mb-2">Automatic Application</h2>
        <p>