Recent Posts
Using Fail2Ban to block unauthorised login attempts
Introduction
Installing Fail2Ban
Configuring Fail2Ban
Introduction
Anyone with virtual machines exposed to the internet has been subject to third parties attempting to log in without authorisation. Opening port 22 to the internet for SSH access means that there will be attempts to log in to your machine with various account names, such as root, and various passwords.
There are a few ways to reduce this. Fail2Ban is a program that we can use to limit the number of login attempts via SSH by tracing the source IP address and adding it to a temporary blacklist.
Using Caddy web-server to enable HTTP/3 protocol
Introduction
Installing caddy
Configuring caddy
Accessing logs
Using tcpdump to inspect http/3 protocol
Using jq to make logs readable as csv
Final note
Introduction
In this article we will install the Caddy web server in order to make use of the HTTP/3 protocol on the hosted website.
Caddy will serve web pages using the older HTTP/1.1 protocol for older web browsers.
The server will also automatically renew the website's SSL certificate. When using HTTP/3, browsers will use TLS 1.3, a secure protocol, and UDP instead of TCP; this reduces latency and saves bandwidth.
GitLab CI/CD and Terraform to deploy AWS resources (EC2/VPC/peering/subnets)
In this article, we will deploy the same AWS infrastructure as in the GitHub article.
We will use the same main.tf file, but we've changed the name of the .tfstate Terraform state file in the S3 bucket.
The .gitlab-ci.yml file in the root of the project contains the 3 stages: plan, apply and destroy. The plan and apply stages are triggered by any changes committed to the main.tf Terraform file.
They can also be run manually from the Build/pipelines section, where 3 checkmarks will appear under the Stages header for the pipeline.
The destroy stage can be invoked manually by clicking on the last checkmark and on the run button at the end.
The AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY variables need to be added manually to the Settings > CI/CD section.