Tag: linux security

🔐 Automatically Install Fail2Ban with Smart Jail Detection on Your VPS (Script by Hosteons)

Leave a Comment on 🔐 Automatically Install Fail2Ban with Smart Jail Detection on Your VPS (Script by Hosteons)

Here’s a complete WordPress blog post draft to promote your Fail2Ban Auto-Installer script from GitHub:

🔐 Automatically Install Fail2Ban with Smart Jail Detection on Your VPS (Script by Hosteons)

At Hosteons, we’re committed to making server security easier for everyone. Whether you’re running a small VPS or managing a fleet of Linux servers, protecting against brute-force attacks is critical.

That’s why we’ve created a Fail2Ban Auto-Installer Script that not only installs Fail2Ban but also auto-detects and enables jails for common services like SSHApache, and Nginx — all in one click.

👉 GitHub Repository:

https://github.com/hosteons/Fail2Ban-Auto-Installer-With-Jail

✅ Key Features

  • Installs Fail2Ban on UbuntuDebianAlmaLinux, and CentOS
  • Detects installed services (e.g., sshd, nginx, apache) and enables jails accordingly
  • Skips jails for services not found on the system
  • Handles log file paths intelligently based on distro
  • Verifies and restarts Fail2Ban only if configuration is valid
  • Smart checks if Fail2Ban is already installed
  • Minimal and safe — logs errors clearly

🧠 How It Works

When you run the script:

  1. It detects your Linux OS flavor.
  2. Installs Fail2Ban (if not already installed).
  3. Checks if apache, nginx, or sshd is active.
  4. Adds only the appropriate jails with correct log paths.
  5. Restarts Fail2Ban and confirms its status.
  6. Provides clear output so you know it’s working.

This ensures Fail2Ban doesn’t fail due to missing log files or services — a common issue in manual configurations.

📥 How to Use

  1. Download the script:
wget https://raw.githubusercontent.com/hosteons/Fail2Ban-Auto-Installer-With-Jail/main/fail2ban_auto_installer.sh
chmod +x fail2ban_auto_installer.sh
./fail2ban_auto_installer.sh
  2. That’s it. The script handles the rest!

🚀 Need a Secure VPS?

This script runs perfectly on our KVM VPS and Ryzen VPS plans. Visit hosteons.com to explore secure hosting powered by NVMe SSD and DDoS protection — with native support for IPv6, WireGuard VPN, and more.

🔗 Related Resources

One-Click Linux Malware & Rootkit Scanner Using ClamAV and RKHunter

Leave a Comment on One-Click Linux Malware & Rootkit Scanner Using ClamAV and RKHunter

Secure Your Linux VPS in One Click with Our Rootkit & Malware Scanner

Running a VPS or dedicated server? One of the most overlooked but critical steps is making sure your system is free of rootkits and malware.

To simplify this task, we at Hosteons have released a free and open-source script that automatically installs, updates, and runs malware and rootkit scans using two of the most trusted tools in the Linux ecosystem:

  • ClamAV – an open-source antivirus engine
  • RKHunter – a rootkit scanner that checks for backdoors, local exploits, and suspicious files

🔧 What the Script Does

  • Detects your Linux distribution (Ubuntu, Debian, CentOS, AlmaLinux)
  • Installs ClamAV and RKHunter
  • Automatically updates malware and rootkit signature databases
  • Fixes common errors like WEB_CMD=”/bin/false” in RKHunter config
  • Runs full ClamAV scan
  • Executes a complete RKHunter rootkit check
  • Compatible with minimal or fresh VPS installations

📥 Download and Run

Run the following commands to download and execute:

curl -O https://raw.githubusercontent.com/hosteons/linux-malware-scanner/main/scan.sh
chmod +x scan.sh
sudo ./scan.sh

Or get the full packaged ZIP with README and LICENSE:

👉 Download from GitHub

📋 Output and Logs

  • ClamAV scan will output infected files (if any)
  • RKHunter will show warnings and potential issues
  • All actions run with user confirmation and are fully transparent

⚠️ Note

This script is non-destructive – it only scans and reports. It does not automatically delete or quarantine any files. Always review flagged files before taking any action.

🎯 Why Use This?

  • Ideal for hosting providers and system admins
  • Perfect for VPS users looking for a quick, effective scan
  • Good first step after initial OS setup

🙌 Contribute or Report Issues

You can fork, improve, or report bugs directly on GitHub:

🔗 https://github.com/hosteons/linux-malware-scanner

Basic Security Guide for AlmaLinux 9

Leave a Comment on Basic Security Guide for AlmaLinux 9
Almalinux Security
Almalinux Security

Securing your server is a critical task for any system administrator, developer, or business owner. AlmaLinux 9, as a stable and robust RHEL-based distribution, offers great tools and features that make it an excellent choice for hosting websites, applications, or services. In this tutorial, we’ll walk you through basic security measures you can implement to keep your AlmaLinux 9 server secure.

1. Update Your System

The first and foremost step in securing your system is ensuring that it’s up-to-date with the latest security patches.

Command:

sudo dnf update -y

This command updates all installed packages to their latest versions, closing any known vulnerabilities.

2. Create a Non-Root User

Running your system as the root user is risky, as any command executed with root privileges can make sweeping changes to the system. Instead, create a non-root user and use sudo for administrative tasks.

Command:

sudo adduser yourusername
sudo passwd yourusername
sudo usermod -aG wheel yourusername

Now you can switch to this new user with:

su - yourusername

3. Configure a Firewall Using firewalld

AlmaLinux 9 comes with firewalld, a dynamic firewall management tool that provides a simple way to manage firewall rules.

Start and enable firewalld:

sudo systemctl start firewalld
sudo systemctl enable firewalld

Check the status of the firewall:

sudo firewall-cmd --state

Allow or deny services/ports:
For example, to allow SSH (port 22):

sudo firewall-cmd --permanent --add-service=ssh
sudo firewall-cmd --reload

4. Enable SELinux (Security-Enhanced Linux)

SELinux provides an additional layer of security by controlling access to files, processes, and ports.

Check SELinux status:

sestatus

If it’s disabled, enable it by editing /etc/selinux/config:

sudo nano /etc/selinux/config

Set SELINUX=enforcing, then reboot the server:

sudo reboot

5. Install and Configure Fail2Ban

fail2ban is a service that helps protect your server from brute-force attacks by banning IP addresses that show malicious signs.

Install fail2ban:

sudo dnf install fail2ban -y

Start and enable the service:

sudo systemctl start fail2ban
sudo systemctl enable fail2ban

Configure fail2ban:
Create a local configuration file:

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Edit the file to enable the SSH jail:

sudo nano /etc/fail2ban/jail.local

Set [sshd] parameters like:

[sshd]
enabled = true

6. Disable Root Login via SSH

To further secure SSH access, prevent direct root logins.

Edit the SSH configuration file:

sudo nano /etc/ssh/sshd_config

Find and set:

PermitRootLogin no

Restart the SSH service:

sudo systemctl restart sshd

7. Set Up Automatic Updates

You can automate security updates with the dnf-automatic tool.

Install dnf-automatic:

sudo dnf install dnf-automatic -y

Configure automatic updates:
Edit the configuration file /etc/dnf/automatic.conf to set:

apply_updates = yes

Enable the service:

sudo systemctl enable --now dnf-automatic.timer

8. Install and Configure an Intrusion Detection System (IDS)

For added security, consider installing an IDS like AIDE (Advanced Intrusion Detection Environment).

Install AIDE:

sudo dnf install aide -y

Initialize the AIDE database:

sudo aide --init
sudo mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz

Run a manual check with:

sudo aide --check

Conclusion

By following these basic security steps, you’re well on your way to securing your AlmaLinux 9 server. These measures provide a solid foundation for system hardening and mitigating potential threats. As always, security is an ongoing process, and regular audits and updates are crucial for long-term protection.

Feel free to share your own security tips or ask questions in the comments!