{"id":13060,"date":"2025-01-31T12:23:06","date_gmt":"2025-01-31T09:23:06","guid":{"rendered":"https:\/\/www.inetmar.com\/blog\/?p=13060"},"modified":"2025-01-31T12:23:52","modified_gmt":"2025-01-31T09:23:52","slug":"almalinux-uzerinde-fail2ban-kurulumu","status":"publish","type":"post","link":"https:\/\/www.inetmar.com\/blog\/almalinux-uzerinde-fail2ban-kurulumu\/","title":{"rendered":"AlmaLinux \u00dczerinde Fail2Ban Kurulumu"},"content":{"rendered":"<p>Kulland\u0131\u011f\u0131n\u0131z sunucu brute-force sald\u0131r\u0131lar\u0131 gibi yetkisiz giri\u015f denemelerine kar\u015f\u0131 savunmas\u0131z olabilir. \u00d6zellikle SSH, FTP ve web servisleri s\u0131k\u00e7a sald\u0131r\u0131ya u\u011frar. Bu t\u00fcr sald\u0131r\u0131lar\u0131 \u00f6nlemek i\u00e7in <strong>Fail2Ban<\/strong> gibi otomatik engelleme sistemleri kullan\u0131l\u0131r. Peki nedir bu fail2ban nas\u0131l kurulur gelin beraber inceleyelim. \ud83d\ude42<\/p>\n<h2>Fail2Ban Nedir?<\/h2>\n<p><strong>Fail2Ban<\/strong>\u00a0belirli bir s\u00fcre i\u00e7inde belirlenen say\u0131da yanl\u0131\u015f parola giri\u015fini tespit ederek ilgili IP adreslerini otomatik olarak engelleyen bir g\u00fcvenlik arac\u0131d\u0131r. SSH, FTP, HTTP gibi servisleri brute-force sald\u0131r\u0131lar\u0131na kar\u015f\u0131 korur ve <strong>iptables<\/strong>, <strong>firewalld<\/strong> veya <strong>TCP Wrappers<\/strong> kullanarak IP&#8217;leri ge\u00e7ici veya kal\u0131c\u0131 olarak yasaklar.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-13066\" src=\"https:\/\/www.inetmar.com\/blog\/wp-content\/uploads\/2025\/01\/almalinuxkurulumu-300x75.png\" alt=\"AlmaLinux \u00dczerinde Fail2Ban Kurulumu\" width=\"692\" height=\"173\" srcset=\"https:\/\/www.inetmar.com\/blog\/wp-content\/uploads\/2025\/01\/almalinuxkurulumu-300x75.png 300w, https:\/\/www.inetmar.com\/blog\/wp-content\/uploads\/2025\/01\/almalinuxkurulumu-768x191.png 768w, https:\/\/www.inetmar.com\/blog\/wp-content\/uploads\/2025\/01\/almalinuxkurulumu.png 952w\" sizes=\"auto, (max-width: 692px) 100vw, 692px\" \/><\/p>\n<h2>Fail2Ban Kurulumu<\/h2>\n<p>Fail2Ban kurulumu i\u00e7in sunucunuza root giri\u015fi yaparak a\u015fa\u011f\u0131daki komutu \u00e7al\u0131\u015ft\u0131r\u0131n:<\/p>\n<div class=\"contain-inline-size rounded-md border-[0.5px] border-token-border-medium relative bg-token-sidebar-surface-primary dark:bg-gray-950\">\n<div class=\"overflow-y-auto p-4\" dir=\"ltr\"><code class=\"!whitespace-pre hljs language-bash\">dnf install fail2ban -y<br \/>\n<\/code><\/div>\n<\/div>\n<p>Kurulum tamamland\u0131ktan sonra yap\u0131land\u0131rma dosyas\u0131n\u0131 <code>.local<\/code> olarak kopyalay\u0131n. <code>.local<\/code> konfigrasyon <code>(.conf)<\/code> dosyas\u0131na g\u00f6re daha y\u00fcksek \u00f6nceli\u011fe sahiptir ve de\u011fi\u015fiklikler bu dosya \u00fczerinden yap\u0131lmal\u0131d\u0131r.<\/p>\n<div class=\"contain-inline-size rounded-md border-[0.5px] border-token-border-medium relative bg-token-sidebar-surface-primary dark:bg-gray-950\">\n<div class=\"overflow-y-auto p-4\" dir=\"ltr\"><code class=\"!whitespace-pre hljs language-bash\"><span class=\"hljs-built_in\">cp<\/span> \/etc\/fail2ban\/jail.conf \/etc\/fail2ban\/jail.local<br \/>\n<\/code><\/div>\n<\/div>\n<p>Daha sonra yap\u0131land\u0131rma dosyas\u0131n\u0131 d\u00fczenlemek i\u00e7in a\u00e7\u0131n:<\/p>\n<div class=\"contain-inline-size rounded-md border-[0.5px] border-token-border-medium relative bg-token-sidebar-surface-primary dark:bg-gray-950\">\n<div class=\"overflow-y-auto p-4\" dir=\"ltr\"><code class=\"!whitespace-pre hljs language-bash\">vi \/etc\/fail2ban\/jail.local<br \/>\n<\/code><\/div>\n<\/div>\n<h2>Fail2Ban Yap\u0131land\u0131rmas\u0131<\/h2>\n<p>A\u00e7\u0131lan dosyada a\u015fa\u011f\u0131daki temel parametreleri kendinize g\u00f6re ayarlayabilirsiniz:<\/p>\n<ul>\n<li><strong>ignoreip<\/strong> \u2013 Engellenmemesi gereken g\u00fcvenilir IP adreslerini buraya ekleyebilirsiniz.<\/li>\n<li><strong>bantime<\/strong> \u2013 Engellenen IP\u2019nin yasakl\u0131 kalaca\u011f\u0131 s\u00fcreyi saniye cinsinden belirler. (<code>bantime = 3600<\/code> \u2192 1 saat).<\/li>\n<li><strong>findtime<\/strong> \u2013 Belirtilen s\u00fcre i\u00e7inde ka\u00e7 hatal\u0131 giri\u015fin analiz edilece\u011fini belirler. (<code>findtime = 600<\/code> \u2192 10 dakika).<\/li>\n<li><strong>maxretry<\/strong> \u2013 Belirlenen s\u00fcre i\u00e7inde ka\u00e7 ba\u015far\u0131s\u0131z giri\u015f denemesinden sonra IP\u2019nin engellenece\u011fini ayarlar. (<code>maxretry = 5<\/code>).<\/li>\n<\/ul>\n<p>SSH i\u00e7in koruma varsay\u0131lan olarak a\u00e7\u0131kt\u0131r. Ancak FTP veya di\u011fer servisler i\u00e7in de koruma a\u00e7mak istiyorsan\u0131z ilgili b\u00f6l\u00fcmde <strong><code>enabled = false<\/code><\/strong> ayar\u0131n\u0131 <strong><code>enabled = true<\/code><\/strong> olarak de\u011fi\u015ftirin.<\/p>\n<p>\u00d6rne\u011fin <strong>FTP korumas\u0131n\u0131<\/strong> etkinle\u015ftirmek i\u00e7in a\u015fa\u011f\u0131daki \u00f6rne\u011fi inceleyebilirsiniz.<\/p>\n<div class=\"contain-inline-size rounded-md border-[0.5px] border-token-border-medium relative bg-token-sidebar-surface-primary dark:bg-gray-950\">\n<div class=\"overflow-y-auto p-4\" dir=\"ltr\"><code class=\"!whitespace-pre hljs language-ini\"><span class=\"hljs-section\">[proftpd-iptables]<\/span><br \/>\n<span class=\"hljs-attr\">enabled<\/span> = <span class=\"hljs-literal\">true<\/span><br \/>\n<span class=\"hljs-attr\">filter<\/span> = proftpd<br \/>\n<span class=\"hljs-attr\">action<\/span> = iptables[name=ProFTPD, port=ftp, protocol=tcp]\nsendmail-whois<span class=\"hljs-section\">[name=ProFTPD, dest=you@example.com]<\/span><br \/>\n<span class=\"hljs-attr\">logpath<\/span> = \/var\/log\/proftpd\/proftpd.log<br \/>\n<span class=\"hljs-attr\">maxretry<\/span> = <span class=\"hljs-number\">6<\/span><br \/>\n<\/code><\/div>\n<\/div>\n<h2>Fail2Ban Servisini Ba\u015flatma ve Test Etme<\/h2>\n<p>Yap\u0131land\u0131rmay\u0131 tamamlad\u0131ktan sonra Fail2Ban servisini ba\u015flat\u0131p sistem a\u00e7\u0131l\u0131\u015f\u0131nda otomatik ba\u015flamas\u0131n\u0131 sa\u011flay\u0131n.<\/p>\n<div class=\"contain-inline-size rounded-md border-[0.5px] border-token-border-medium relative bg-token-sidebar-surface-primary dark:bg-gray-950\">\n<div class=\"overflow-y-auto p-4\" dir=\"ltr\"><code class=\"!whitespace-pre hljs language-bash\">systemctl <span class=\"hljs-built_in\">enable<\/span> --now fail2ban<br \/>\n<\/code><\/div>\n<\/div>\n<p>Fail2Ban\u2019in \u00e7al\u0131\u015f\u0131p \u00e7al\u0131\u015fmad\u0131\u011f\u0131n\u0131 do\u011frulamak i\u00e7in:<\/p>\n<div class=\"contain-inline-size rounded-md border-[0.5px] border-token-border-medium relative bg-token-sidebar-surface-primary dark:bg-gray-950\">\n<div class=\"overflow-y-auto p-4\" dir=\"ltr\"><code class=\"!whitespace-pre hljs language-bash\">fail2ban-client status<br \/>\n<\/code><\/div>\n<\/div>\n<p>E\u011fer iptables kullan\u0131yorsan\u0131z Fail2Ban taraf\u0131ndan eklenen kurallar\u0131 g\u00f6rmek i\u00e7in:<\/p>\n<div class=\"contain-inline-size rounded-md border-[0.5px] border-token-border-medium relative bg-token-sidebar-surface-primary dark:bg-gray-950\">\n<div class=\"overflow-y-auto p-4\" dir=\"ltr\"><code class=\"!whitespace-pre hljs language-bash\">iptables-save | grep fail2ban<br \/>\n<\/code><\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<p><strong>NOT:<\/strong> E\u011fer firewalld kullan\u0131yorsan\u0131z eklenen kurallar\u0131 g\u00f6rmek i\u00e7in a\u015fa\u011f\u0131daki komutu kullanman\u0131z gerekir.<\/p>\n<div class=\"contain-inline-size rounded-md border-[0.5px] border-token-border-medium relative bg-token-sidebar-surface-primary dark:bg-gray-950\">\n<div class=\"overflow-y-auto p-4\" dir=\"ltr\"><code class=\"!whitespace-pre hljs language-bash\">firewall-cmd --list-all<br \/>\n<\/code><\/div>\n<\/div>\n<p>Bu ad\u0131mlar\u0131 tamamlad\u0131ktan sonra sunucunuzda <strong>Fail2Ban<\/strong> ba\u015far\u0131l\u0131 bir \u015fekilde \u00e7al\u0131\u015f\u0131yor olacakt\u0131r. Sizde <a href=\"https:\/\/www.inetmar.com\/hosting\/\" target=\"_blank\" rel=\"noopener\">web hosting<\/a> hizmetlerimizi incelemek i\u00e7in web sitemizi ziyaret edin!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Kulland\u0131\u011f\u0131n\u0131z sunucu brute-force sald\u0131r\u0131lar\u0131 gibi yetkisiz giri\u015f denemelerine kar\u015f\u0131 savunmas\u0131z olabilir. \u00d6zellikle SSH, FTP ve web servisleri s\u0131k\u00e7a sald\u0131r\u0131ya u\u011frar. Bu t\u00fcr sald\u0131r\u0131lar\u0131 \u00f6nlemek i\u00e7in Fail2Ban gibi otomatik engelleme sistemleri kullan\u0131l\u0131r. Peki nedir bu fail2ban&#46;&#46;&#46;<\/p>\n","protected":false},"author":2,"featured_media":13065,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[52,11],"tags":[],"class_list":["post-13060","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guvenlik","category-linux"],"_links":{"self":[{"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/posts\/13060","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/comments?post=13060"}],"version-history":[{"count":8,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/posts\/13060\/revisions"}],"predecessor-version":[{"id":13070,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/posts\/13060\/revisions\/13070"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/media\/13065"}],"wp:attachment":[{"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/media?parent=13060"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/categories?post=13060"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/tags?post=13060"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}