Installing fail2web on Ubuntu 14.10 - Published 2015-03-15
While in theory it would be nice to have every network service behind a LAN/certificate that isn't always possible. Many protocols don't have certificate authentication, and even if they do maybe your client doesn't support it. So you are left with password authentication, but what happens when someone uses a 4 char password... and an attacker is able to guess 1000 times every minute? Seems like a complicated problem, but not with fail2ban! The following description is lifted from the fail2ban documentation.
However, once I installed fail2ban I found myself locking myself out of my servers all the time! I would setup a SIP client to use the wrong password, and would spend way to much time debugging what was wrong! With fail2web, that is all a thing of the past! fail2web is a mobile first GUI to fail2ban, that allows you to view who is currently banned, test regexes and view graphs on past bans.
Even though this tutorial is written for Ubuntu, it should work on any host that has Golang and fail2ban (All Unixes). You might have to deviate from this tutorial, but it should covert most of it.
First we need to install fail2rest, the daemon that communicates with fail2ban. The backend requires the Go programming language, and git to download it. If you have never used Go before you can follow this verbatim, adjust as needed if you already have a Gopath set.
Install the necessary libraries
sudo apt-get install golang git gcc
go get github.com/Sean-Der/fail2rest
Enter the fail2rest folder
sudo -E go run *.go
If everything worked this program should just run forever! We will update it to run as a service later, but make sure it is working first. Run
wget -qO- -- "localhost:5000/global/ping" if that returns "pong" you have a running fail2rest instance!
Next we are going to install fail2web in /var/www/fail2web, later we will access this via apache
git clone --depth=1 https://github.com/Sean-Der/fail2web.git /var/www/fail2web
Delete the .git directory
rm -rf !$/.git
Congrats, you are almost done! You now have all the moving parts, all that is left is to serve it via Apache
Access it via Apache Next we need to create a vhost config for fail2web, and put it behind a password
sudo apt-get install apache2 apache2-utils
Setting a password Make sure to replace YOUR_USERNAME
sudo htpasswd -c /var/www/htpasswd YOUR_USERNAME
Enable the Apache modules needed for ProxyPass
sudo a2enmod proxy proxy_ajp proxy_http rewrite deflate headers proxy_balancer proxy_connect proxy_html
Create your fail2web config
Then with your text editor of choice create
/etc/apache2/sites-enabled/fail2web.conf with the following content. Make sure to replace
<VirtualHost *:80> ServerName fail2web.yourserver.com ##CHANGE THIS DocumentRoot /var/www/fail2web/web <Location /> AuthType Basic AuthName "Restricted" AuthBasicProvider file AuthUserFile /var/www/htpasswd Require valid-user </Location> ProxyPass /api http://127.0.0.1:5000 </VirtualHost>
fail2web should now be accessible via the ServerName you chose above