Fail2ban Quraşdırma və Konfiqurasiya

#!/bin/bash

# Fail2ban Setup Script

if [ "$EUID" -ne 0 ]; then 
    echo "Please run as root"
    exit 1
fi

echo "Installing Fail2ban..."

if command -v apt-get &> /dev/null; then
    apt-get update
    apt-get install -y fail2ban
elif command -v yum &> /dev/null; then
    yum install -y epel-release
    yum install -y fail2ban
fi

cat > /etc/fail2ban/jail.local << EOF
[DEFAULT]
bantime = 3600
findtime = 600
maxretry = 5
destemail = admin@localhost
sendername = Fail2Ban
action = %(action_mwl)s

[sshd]
enabled = true
port = ssh
logpath = /var/log/auth.log
maxretry = 3

[apache-auth]
enabled = true
port = http,https
logpath = /var/log/apache*/*error.log

[nginx-http-auth]
enabled = true
port = http,https
logpath = /var/log/nginx/error.log

[nginx-noscript]
enabled = true
port = http,https
logpath = /var/log/nginx/access.log

[nginx-badbots]
enabled = true
port = http,https
logpath = /var/log/nginx/access.log

[nginx-noproxy]
enabled = true
port = http,https
logpath = /var/log/nginx/access.log
EOF

systemctl enable fail2ban
systemctl start fail2ban

echo "✓ Fail2ban installed and configured!"
echo ""
echo "Check status: fail2ban-client status"
echo "Check banned IPs: fail2ban-client status sshd"
echo "Unban IP: fail2ban-client set sshd unbanip <IP>"

sudo chmod +x fail2ban_setup.sh
sudo ./fail2ban_setup.sh

# Check status
sudo fail2ban-client status
sudo fail2ban-client status sshd