Proxmox has some well known ports open and a root user account that needs to be open for stuff to work right. This can lead to problems when trying to secure your Proxmox server here is one step you can take to help secure your server.
First we need to install Fail2ban
apt install fail2ban -yNow it is time to start configuring fail2ban
nano /etc/fail2ban/jail.localin this file we are going to load a config that will help us guard both the ssh port 22, and the Proxmox web interface on port 8006
[sshd]
port = ssh
logpath = %(sshd_log)s
enabled = true
[proxmox]
enabled = true
port = https,http,8006
filter = proxmox
logpath = /var/log/daemon.log
maxretry = 3
# 1 hour
bantime = 3600Fail2ban needs a filter to know what a bad login looks like on the web interface
nano /etc/fail2ban/filter.d/proxmox.conf[Definition]
failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.*
ignoreregex =Once done we need to restart fail2ban
systemctl restart fail2banTo see if the config is working
SSH
fail2ban-client status sshdWeb Interface
fail2ban-client status proxmox