DEV Community

Cover image for Cara membuat jail fail2ban untuk Gitea pada Ubuntu 20.04
Erol Joudy
Erol Joudy

Posted on • Originally published at blog.erol.dev

4 3

Cara membuat jail fail2ban untuk Gitea pada Ubuntu 20.04

Pada artikel ini akan ditunjukkan cara instalasi serta konfigurasi filter dan jail fail2ban untuk Gitea.


Instalasi fail2ban

Jalankan perintah berikut ini, untuk melakukan instalasi fail2ban.

sudo apt install fail2ban -y
Enter fullscreen mode Exit fullscreen mode

Konfigurasi

Membuat filter fail2ban

Buat filter fail2ban untuk Gitea dengan cara berikut.

sudo nano /etc/fail2ban/filter.d/gitea.conf
Enter fullscreen mode Exit fullscreen mode

Salin dan isi file gitea.conf dengan baris dibawah ini.

# gitea.conf
[Definition]
failregex =  .*(Failed authentication attempt|invalid credentials|Attempted access of unknown user).* from <HOST>
ignoreregex =
Enter fullscreen mode Exit fullscreen mode

Membuat jail fail2ban

Buat jail fail2ban untuk Gitea dengan cara berikut.

sudo nano /etc/fail2ban/jail.d/gitea.conf
Enter fullscreen mode Exit fullscreen mode

Salin dan isi file diatas dengan baris dibawah ini.

[gitea]
enabled = true
filter = gitea
logpath = /var/lib/gitea/log/gitea.log
maxretry = 10
findtime = 3600
bantime = 900
action = iptables-allports
Enter fullscreen mode Exit fullscreen mode

Kemudian lakukan restart.

sudo systemctl restart gitea
Enter fullscreen mode Exit fullscreen mode

Pengaturan pada nginx server

Pengaturan ini hanya dijalankan pada server yang menggunakan nginx saja.

Jalankan perintah berikut untuk mengubah file yang dibutuhkan. Pada artikel ini, domain yang digunakan adalah git.contoh.com.

sudo nano /etc/nginx/sites-enabled/git.contoh.com
Enter fullscreen mode Exit fullscreen mode

Tambahkan baris berikut pada file tersebut, abaikan jika sudah ada.

proxy_set_header X-Real-IP $remote_addr;
Enter fullscreen mode Exit fullscreen mode

Simpan perubahan pada file tersebut, dan restart nginx. Langkah ini tidak perlu dilakukan jika tidak ada perubahan pada file diatas.

sudo systemctl restart nginx
Enter fullscreen mode Exit fullscreen mode

Image of AssemblyAI tool

Challenge Submission: SpeechCraft - AI-Powered Speech Analysis for Better Communication

SpeechCraft is an advanced real-time speech analytics platform that transforms spoken words into actionable insights. Using cutting-edge AI technology from AssemblyAI, it provides instant transcription while analyzing multiple dimensions of speech performance.

Read full post

Top comments (0)

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

👋 Kindness is contagious

Engage with a sea of insights in this enlightening article, highly esteemed within the encouraging DEV Community. Programmers of every skill level are invited to participate and enrich our shared knowledge.

A simple "thank you" can uplift someone's spirits. Express your appreciation in the comments section!

On DEV, sharing knowledge smooths our journey and strengthens our community bonds. Found this useful? A brief thank you to the author can mean a lot.

Okay