Security configuration

by willemkokke
0 deployments · 0 still active · last rev. 9 months ago

This is a library that configures some basic security using ufw and Fail2ban.
Do not deploy it directly; instead, include it with:

source <ssinclude StackScriptID=14158>

You need to copy the UDF (user-defined field) declarations into the main calling script, because only the main script seems to be parsed for them.


Compatible with: Ubuntu 14.04 LTS
Includes: Utilities
# @willemkokke
# Copy this into the main calling script

source <ssinclude StackScriptID=14154> # Utilities

function configure_security {
    log "Installing UFW"
    aptitude -y install ufw
    ufw enable
    ufw allow ssh
    ufw allow ntp

    log "Installing Fail2Ban"
    aptitude -y install fail2ban
    cp /etc/fail2ban/fail2ban.conf /etc/fail2ban/fail2ban.local
    cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local 

    export REGEX='            ^(?P<__prefix>%(__prefix_line)s)Connection from <HOST> port \d+(?: on \S+ port \d+)?<SKIPLINES>(?P=__prefix)Disconnecting: Too many authentication failures for .+? \[preauth\]$';
    mv /etc/fail2ban/filter.d/sshd.conf /etc/fail2ban/filter.d/sshdnew.conf
    cat /etc/fail2ban/filter.d/sshdnew.conf | tr '\n' 'q' | sed -r "s/(failregex.*\\$)(.+ignoreregex)/\1\n$REGEX\2/" | tr 'q' '\n' > /etc/fail2ban/filter.d/sshd.conf
    rm /etc/fail2ban/filter.d/sshdnew.conf