MongoDB
Create an SSH jail by creating the file /etc/fail2ban/jail.d/mongodb.local. Paste in the following config, adapt it to your needs
[mongo-auth]
enabled = true
filter = mongo-auth
logpath = /var/log/mongodb/mongod.log
maxretry = 3
port = 27017
banaction = iptables-multiport[name="mongo", port="27017"]
bantime = 86400
findtime = 300Start and reload SSHD, and then add your jail
sudo fail2ban-client start
sudo fail2ban-client reload
sudo fail2ban-client add mongodb
No Comments