Pursuing Success Giorgio Marrale's Marketing and Every Day Life Blog

29Nov/160

Installing Fail2ban on CentOS

Here's a short tutorial for those of you looking to install Fail2ban on an existing CentOS server or VPS.

First of all, you will have to determine which CentOS version you have, with the following command after starting a SSH session using a terminal window:

cat /etc/centos-release

The response will probably be something like this:

CentOS release 6.8 (Final)

Now that we know the CentOS version is 6, we will have to get the latest EPEL yum repository, using the following command:

rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm

Next step is to install Fail2ban with the following command:

yum install fail2ban

When prompted Is this ok [y/N]: please type y and then hit enter.

This may take a few minutes, so sit back and relax waiting for the installation to finish.

The reasons you might want to protect your server or VPS using Fail2ban is because you are experiencing too many false logins attempts for WordPress, Proftpd, Exim2 or sshd4/sshd5 for example. To do so you will have to create the following local configuration file, using an editor such as nano:

nano /etc/fail2ban/jail.local

(Don't have Nano? You can install Nano with the following command: yum install nano.)

Here is how to set-up a sshd jail to catch failed login attempts to SSH:

[sshd]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/secure
maxretry = 3
findtime = 3600
bantime = 86400

Here is how to set-up an exim jail to catch failed login attempts to Exim:

[exim]
enabled = true
port = smtp,465,submission
filter = exim
logpath = /var/log/exim/mainlog
maxretry = 3
findtime = 86400
bantime = 31536000

Now that we have created these jails, and saved our configuration file (ctrl+x) we have to restart our server or VPS with the following command:

service fail2ban start

If everything went as expected you should get the following response:

Starting fail2ban: [ OK ]

Using Fail2ban to block login attempts to WordPress

If additionally you also would like to protect your server or VPS from failed login attempts to WordPress, you should first create a filter.

Your filters are located here: /etc/fail2ban/filter.d/

Create a new filter named wordpress.conf using Nano as follows: nano /etc/fail2ban/filter.d/wordpress.conf

Copy and paste the following code into the newly created wordpress.conf filter file:

# Fail2Ban filter for wordpress
#

[INCLUDES]

before = common.conf

[Definition]

_daemon = wordpress

failregex = ^%(__prefix_line)sAuthentication failure for .* from $
^%(__prefix_line)sPingback error .* generated from $

ignoreregex =

# Author: John Doe

Now that you have created the wordpress.conf filter, you will need to add a new rule to your jail.local file which you have previously created:

[wordpress]
enabled = true
filter = wordpress
logpath = /var/log/secure
maxretry = 3
findtime = 86400
bantime = 31536000
action = iptables-multiport[name=wordpress,port="80,443"]

Finally, you will have to restart Fail2ban using the following command: service fail2ban restart

If everything went well, this is what the response should look like:

Stopping fail2ban: [ OK ]
Starting fail2ban: [ OK ]

Congratulations, your server of VPS is now protected against scum trying to make your life misserable!

8Aug/101

Back with a Vengeance!

The summer is nearing its end, and the 'good times' are coming. Just like most other gambling affiliates, I suffer badly during the months of July and August - less traffic, less rake, and so on. During the 2009 summer I lost about 50% of my income, which scared the crap out of me, but thankfully this year, mainly because of investing a fair amount of money into SEO, I managed to keep a stable income. Fair to say, I hate the summer just as much as I love it!

Thursday we came back from our family vacation. This year we've spent two weeks in Estepona (15 km from Marbella) South of Spain. This is also the region we are planning to move to, at least in our dreams (until I convince Lydia that there are plenty of decent schools for our children). The climate is very good all year around, the Spanish people are really friendly, and life over there seems to be a real bargain compared to the Netherlands. And let's not forget, with a possible government ran by Geert Wilders' party... who wants to be here after all.

Anyway, the vacation was rather good, although the hotel could have been much better for a four star hotel. The room was nice, the hotel looked nice too, including the pool side, but these douche bags were charging us for about everything you can think of! If you ever think of going to Estepona, think again before booking the Pierre et Vacances - Calendonia Golf Resort.

Three weeks before leaving I decided to do what Tim Ferriss says, the author of the 4-Hour Workweek. I decided to focus on projects that are currently generating the most of my income, to make even more with them, instead of putting my energy into newly launched projects. So I redesigned Poker For Free, the site got a complete overhaul. While I was doing so, I was split testing the homepage to see if the new design outperformed the old one, and it did. So after working day and night for three weeks, I decided to put the site live just before flying to Spain. Quite a risk, but I was so excited that I didn't want to wait. Fortunately it didn't turn out to be a bad decision.

While I was gone I used my iPhone to periodically check my e-mail and my statistics, and was happy to find out that Poker For Free's traffic went up by 50%!!! Of course this had nothing to do with the new site, but all with the $20,000+ which I invested into SEO over the past 8 months. With my site performing so well, I couldn't wait to get back and work, but on the other hand I was really enjoying the time off with the family - so I let it rest.

As Pursuing Success is my personal and marketing blog, it's about time that I should write somethings interesting about affiliate marketing, right? So my next blog will be about the new Poker For Free, and what I did prior to merging hundreds of pages into the new site. That's a promise! But for now I will keep it a little bit more personal though.

While in Spain, I kept going to the gym every other day while Dante went to bed for his siesta. Since I started working out in February, it has become one of my favorite pass times. I managed to lose 7 kg already (my current weight is 82 kg), but I think that it must be at least double as much in fat effectively, as I gained quite a bit in muscles too, obviously. I am now proud to announce that I have a Four-Pack, and it won't be too long before I get to that much admired Six-Pack!

August 18, 2010 - I'm continuing where I left off 10 days ago, and of course many crazy things have happened in the mean time. God, don't you love the affiliate life! One of the things that worries me is PokerStars. They are so big and powerful, and think they can keep screwing affiliates... over, and over again. And the shittiest thing about it, is that I have just reinstalled them on Poker For Free, as a service to my US visitors, about 40% of my total traffic. Want to know why I don't feel comfortable with my recent decision to continue working with PokerStars, please have a look at this PAL thread: PokerStars Partners are Fucking You Over. Read, or scan it, but you will get the point.

Before I left to the South of Spain, I received an email from Barry with Heaven Affiliates. One of my domains, pokerheavenreview.com, infringed their registered trademark, and he politely asked me to take it down, either by handing over the control to them, or redirect it to another domain. I wouldn't be me if I didn't try to get something out of it, and asked them for a compensation of $250. Unfortunately they denied it, but in a very decent matter, so I let it rest and told them I would take it down after I got back from vacation. So today I finally moved my Poker Heaven mini-site to its new location, and 301 redirected the old URLs. The new location, DepositPoker.co.uk, is a site I bought from a guy at the forums, which I already wrote something about in one of my previous blog posts.

During my daily workouts sessions at the gym, I have given some special thought to my next blog post. As you could read earlier in this one, my next post will be about redesigning an existing website with reasonable amounts of traffic. I think I might have found a few ideas to come with an interesting article, and with the transition of PokerKamers.nl the other day, the Dutch equivalent of Poker For Free, I also managed to refresh my own memory a little bit. I am actually looking forward to writing it, but I have some other real important things on the agenda first, such as the translation of the almost 3,000 words counting Poker Crusher Review. I shouldn't be making any more promises, except to my kids!

Screenshot of Externally Linked ImageLast topic, before I call it a day and visit my brother in law for a cup of coffee, is something I discovered while exploring my site's statistics. I noticed a lot of hits coming from two specific freeroll forums. I am not mentioning their URLs on purpose, because I believe password thieves are about the lowest scum of the affiliate industry you can get. Back to the point, it came to my notice that the hits from these specific referrals were occurring because of an externally linked image causing a 404 error, an image that was deleted when I launched the new Poker For Free site. Today I gave them a Dutch treat, and replaced my image with a new one telling their visitors: "Type pokerforfree.org in your address bar." I don't know, and honestly don't care if I actually get any traffic of it, I just had some fun doing it. Next time you steal from me, or which ever hard working affiliate, think again bitch!

17Dec/090

Overhauling the German Max Poker Bonus

Max Poker Bonus LogoYesterday I've been mostly busy moving the German Max Poker Bonus to a new environment and upgrading the scripts to our latest's. When Kurt and I started working together and created our first Max Poker Bonus site, we decided to host it on a server located in Austria (instead of Germany) because of a German law that prohibits sites linking to online gaming sites. This law is also the reason that we chose to use a .com, instead of a .de domain. So we found a small, but reliable host, where the wires are short when you're in need of assistance. Host Austria that is.

Unfortunately, Host Austria's infrastructure was a little bit outdated, and because of that many of the scripts I've created for the Dutch Max Poker Bonus and UK Max Poker Bonus didn't work. We could easily have moved to another host, but we decided to stay, as quite frankly we were more than satisfied with their service.

Long story short, yesterday was the big day! Christian from Host Austria copied our site and database to a new server, and I made sure that all scripts got upgraded and verified that everything worked as it should. After changing the DNS over night, I woke up this morning to find our site running flawless. Great!

Today I will finish off the big overhaul.

As many of you already know, Google recently released Site Performance, a tool that you can find under Labs in your Webmaster Tools. This, together with Google's Page Speed tool and Yahoo's YSlow tool, both add-ons to Firebug, gives you advice in which areas you can adjust your to improve it's performance. Things like enabling Gzip compression, or parallelizing downloads can really speed up your site. I've done this (and more) for a few of my sites already, and I really recommend doing it if you own a site with a fair amount of traffic. Case studies have proven that a faster loading website drastically improves user experience, thus conversions, and we all know what that means!