Hello everybody, how are you all doing today? I hope you are all having a wonderful Friday morning. I just woke up about an hour ago and I have to admit, despite this day being my day off, I might just spend it sleeping all day. I am dead tired for some reason! Anyway check out this tutorial we found online, it’s an easy tutorial to follow, you should get everything running on your Ubuntu server within 10 minutes, read on….
DenyHosts is a python tool that monitors your webserver logs for activities that may signal a brute force attack against you. A brute force attack is a method used by bad guys to gain access to your servers using hundreds, sometimes thousands of random username and password combinations.
DenyHosts tool looks for these activities and try to stop these attacks by banning or blocking the IP addresses that are being used to attack your servers. It’s as simple as that.
This brief tutorial is going to show you how to install DenyHosts on Ubuntu 18.04 server to help prevent these attacks. There are many other methods that attackers may use against your servers, but using combinations of random username and passwords may not succeed because of DenyHosts.
Currently DenyHosts isn’t available through Ubuntu default repository. Previously one would just run the apt-get command to install it. Not anymore.
To install DenyHosts, you must manually download and install it. I will show you how to do it below.
Visit DenyHosts home page and download a copy for you server. Or run the commands below to download version 2.8 (latest as of today’s date)
cd /tmp/ && wget https://downloads.sourceforge.net/project/denyhost/denyhost-2.8/denyhosts-2.8.tar.gz
Next, run the commands below to extract it.
tar xzf denyhosts*.tar.gz
Then run the commands below to change into the extracted folder
cd DenyHosts*
Finally, run the commands below to install the program
sudo python setup.py install
After running the commands above, DenyHosts will be installed on your server but not fully configured You must manually configure the tool.
Copy the daemon file to the /etc/init.d/ directory.
sudo cp /usr/local/bin/daemon-control-dist /etc/init.d/denyhosts
Next, open the script and make the below highlighted change
sudo vi /etc/init.d/denyhosts
###############################################
#### Edit these to suit your configuration ####
###############################################
DENYHOSTS_BIN = “/usr/local/bin/denyhosts.py”
DENYHOSTS_LOCK = “/run/denyhosts.pid”
DENYHOSTS_CFG = “/etc/denyhosts.conf”
PYTHON_BIN = “/usr/bin/env python”
Once installed, its configured and ready to protect your servers. One thing most webmasters do is go white-list their own IP address so they don’t get blocked or banned mistakenly.
To white-list your own IP address, open the allow host file in the /etc/ directory and add your IP address you use to connect to the server.
sudo vi /etc/hosts.allow
Then add your IP address in the file and save it.
# /etc/hosts.allow: list of hosts that are allowed to access the system.
# See the manual pages hosts_access(5) and hosts_options(5).
#
# Example: ALL: LOCAL @some_netgroup
# ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
#
# If you’re going to protect the portmapper use the name “rpcbind” for the
# daemon name. See rpcbind(8) and rpc.mountd(8) for further information.
#
sshd: 41.28.18.76(replace with your own ip)
Restart DenyHosts by running the commands below.
sudo /etc/init.d/denyhosts start
DenyHosts configuration file is at /etc/denyhosts.conf
That’s it! You are finally done and you should now be that much safer on your Ubuntu 20.04 Server!
Big thanks to LiberianGeek.net for this tutorial!
Remember to like our facebook and our twitter @ubuntufree for a chance to win a free Ubuntu laptop on December 25!
Quick Links: Download Ubuntu eBooks | Install Atraci On Ubuntu