Usually,when you deploy a service on a server you, will receive a lot of strange requests trying to discover the services running on your server or attacking it, for example trying to login in the ssh of your server.
Apart from having a strong password and the updated software, fail2ban mitigates this type of attacks blocking the ips that does this request.
How it works
Fail2ban reads the logs of various services that you can configure like ssh or Nginx, and looks for suspicious usages .
Once fail2ban detects incorrect login attempts, fail2ban blocks the ip using iptables
You can check the banned ips using this iptables command:
How to install and configure
You can install it with:
sudo apt-get install fail2ban
After this, you can configure the services that you want to monitor.
On the DEFAULT section there are the following parameters to configure:
bantime: the seconds to ban the ip
findtime: Window of time to check the intents of login
maxretry: Number of intents
The time is specificatied in by default seconds, but you can add an m at the end to specificate minutes
After this you can see different sections to enable the services to monitor, for example:
# To use more aggressive sshd modes set filter parameter "mode" in jail.local:
# normal (default), ddos, extra or aggressive (combines all).
# See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details.
#mode = normal
port = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s
Finally you can add the tag enable = true to enable fail2ban to enable to monitor ssh
Usually when you develop an application it will not run on the same computer where you are developing. This can caused unexpected behaviors when you deploy it,usually cause by permissions, software/package versions,configuration,ect.. or just that we write an error on our code that we didn’t notice. In those cases, it’s difficult to know what is failing but we can use remote debug to check the application state when it fails.
If you are trying to debug a python package and the debugger doesn’t stop, try to install it with the -e flag
To develop different python applications and avoid problems with the requirements of each application I use virtualenvs. To have all the virtualenvs o organized you can use virtualenvwrapper. To install virtualenv you can execute: