Install Shorewall and Fail2Ban on a cPanel server

On December 13, 2010, in General, by Disstress

If you are a new admin who wants to access your cPanel server via SSH from multiple locations, you need to have a firewall solution in place. It is also a really good idea to have a solution in place that will block malicious SSH connection attempts.

Shorewall and Fail2Ban are two really good programs to use for these needs. Thankfully, the Fedora Project has set up an extras repository that houses these two programs in easy-to-install RPMs. From the Fedora Project Wiki:

What is EPEL?

EPEL (Extra Packages for Enterprise Linux) is a volunteer-based community effort from the Fedora project to create a repository of high-quality add-on packages that complement the Fedora-based Red Hat Enterprise Linux (RHEL) and its compatible spinoffs, such as CentOS and Scientific Linux.

As part of the Fedora packaging community, EPEL packages are 100% free/libre open source software (FLOSS).

To install these programs, you will first need to obtain the RPMs from the EPEL repository. You can either add the repo to your repo list or wget the RPMs directly.

wget http://download.fedora.redhat.com/pub/epel/5/i386/shorewall-common-4.0.15-1.el5.noarch.rpm
wget http://download.fedora.redhat.com/pub/epel/5/i386/shorewall-shell-4.0.15-1.el5.noarch.rpm
wget http://download.fedora.redhat.com/pub/epel/5/i386/shorewall-perl-4.0.15-1.el5.noarch.rpm
wget http://download.fedora.redhat.com/pub/epel/5/i386/shorewall-4.0.15-1.el5.noarch.rpm
wget http://download.fedora.redhat.com/pub/epel/5/i386/fail2ban-0.8.4-23.el5.noarch.rpm

Now you will want to satisfy a simple requirement using yum:

yum install gamin-python

With that out of the way, you can install the RPMs that you have downloaded:

rpm -Uvh shorewall-common-4.0.15-1.el5.noarch.rpm
rpm -Uvh shorewall-shell-4.0.15-1.el5.noarch.rpm
rpm -Uvh shorewall-perl-4.0.15-1.el5.noarch.rpm
rpm -Uvh shorewall-4.0.15-1.el5.noarch.rpm
rpm -Uvh fail2ban-0.8.4-23.el5.noarch.rpm

Now that they are both installed, you will want to set Fail2Ban to start up with the system:

chkconfig --add fail2ban
chkconfig fail2ban on
service fail2ban start

Congratulations! You now have Shorewall and Fail2Ban installed on your CentOS server. You may now want to configure Fail2Ban if you want to change the way that it logs or if you need to white-list an IP.

vi /etc/fail2ban/jail.conf
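
White-listing in jail.conf is done with the ignoreip setting. The following is an added example, not part of the original post: it embeds a constructed jail.conf fragment and checks which of your SSH source addresses Fail2Ban could still ban. The jail name ssh-iptables, the timing values and all addresses (RFC 5737 documentation ranges) are assumptions; compare them with the file the RPM installed.

```python
import configparser
import ipaddress

# Constructed sample of the settings edited in /etc/fail2ban/jail.conf.
# Addresses are documentation ranges (RFC 5737), not real hosts.
SAMPLE_JAIL_CONF = """
[DEFAULT]
# space-separated: single IPs, CIDR networks or DNS names
ignoreip = 127.0.0.1 203.0.113.10 198.51.100.0/24
bantime  = 600
findtime = 600
maxretry = 3

[ssh-iptables]
enabled  = true
filter   = sshd
action   = iptables[name=SSH, port=ssh, protocol=tcp]
logpath  = /var/log/secure
"""

def ignored_networks(conf_text, jail="ssh-iptables"):
    """Return the ignoreip entries that apply to `jail` as ip_network objects."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(conf_text)
    nets = []
    # [DEFAULT] values are inherited by every jail unless the jail overrides them.
    for entry in cp.get(jail, "ignoreip", fallback="").split():
        try:
            nets.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            pass  # DNS names are resolved by Fail2Ban at runtime; not checked here
    return nets

def unprotected(admin_ips, conf_text, jail="ssh-iptables"):
    """Return the admin source addresses that Fail2Ban could still ban."""
    nets = ignored_networks(conf_text, jail)
    return [ip for ip in admin_ips
            if not any(ipaddress.ip_address(ip) in n for n in nets)]

if __name__ == "__main__":
    # Hypothetical admin locations: office host, home range, a roaming address.
    admins = ["203.0.113.10", "198.51.100.77", "192.0.2.44"]
    for ip in unprotected(admins, SAMPLE_JAIL_CONF):
        print("not in ignoreip, can be banned:", ip)
```

To check the real file, pass the contents of /etc/fail2ban/jail.conf as conf_text. Restart the service after editing so the new ignoreip list takes effect.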
 
