Konu Nedir<\/h2>\n
Fail2Ban & Firewall<\/strong> ne demek? Basit\u00e7e, sistem loglar\u0131n\u0131 tarayan ve ba\u015far\u0131s\u0131z oturum giri\u015flerini tespit eden Fail2Ban<\/strong> ile a\u011f katman\u0131nda gelen trafi\u011fi filtreleyen Firewall<\/strong> (\u00f6rne\u011fin UFW, iptables veya firewalld) birle\u015fimi. Log dosyalar\u0131n\u0131 analiz ederek \u015f\u00fcpheli IP adreslerini otomatik olarak kara listeye ekler; firewall ise bu IP’leri an\u0131nda bloke eder. Sonu\u00e7? Sald\u0131r\u0131 giri\u015fimi an\u0131nda kesiliyor, kaynak israf\u0131 \u00f6nleniyor, sisteminiz g\u00fcvenli kal\u0131yor.<\/p>\n \u0130ki bile\u015fenin birlikte \u00e7al\u0131\u015fmas\u0131, sisteminizi hem izleme hem de savunma katmanlar\u0131yla g\u00fc\u00e7lendirir. Fail2Ban<\/strong> bir jail<\/em> sistemine sahip; her uygulama i\u00e7in ayr\u0131 filtre ve eylem tan\u0131mlar\u0131 yap\u0131l\u0131r. Firewall<\/strong> ise bu eylemlere ger\u00e7ek zamanl\u0131 olarak tepki verir. Bu iki teknoloji, siber sald\u0131r\u0131lar\u0131n \u00e7o\u011funa kar\u015f\u0131 tek bir kurulumdan etkili bir koruma sa\u011flar.<\/p>\n Modern web sunucular\u0131, SSH, FTP, SMTP gibi bir\u00e7ok hizmeti bar\u0131nd\u0131r\u0131r ve bu hizmetler brute\u2011force, port tarama ve otomatik bot sald\u0131r\u0131lar\u0131na a\u00e7\u0131kt\u0131r. Fail2Ban & Firewall<\/strong> bu sald\u0131r\u0131lar\u0131:<\/p>\n Bir sald\u0131r\u0131 s\u0131ras\u0131nda bile Fail2Ban & Firewall<\/strong> sayesinde 0,5 saniye i\u00e7inde ip bloke edilip, sald\u0131rgan\u0131n ilerleyi\u015fi durdurulur. B\u00f6ylece maliyetli downtime riskleri azalt\u0131l\u0131r.<\/p>\n Sunucunuza gelen istekleri a\u011f katman\u0131nda filtreleyerek, gereksiz oturum ba\u015flatmalar\u0131n\u0131 engeller. Bu sayede uygulama katman\u0131n\u0131n \u00fczerine ek y\u00fck bindirilmez. Ayn\u0131 zamanda log dosyalar\u0131n\u0131n b\u00fcy\u00fcmesini de \u00f6nler, \u00e7\u00fcnk\u00fc sald\u0131rgan IP’leri loglara eklenmeden bloklan\u0131r.<\/p>\n \u0130\u015fte Fail2Ban & Firewall<\/strong> kurulumunu ad\u0131m ad\u0131m nas\u0131l ger\u00e7ekle\u015ftirece\u011finiz:<\/p>\n Dosya: Dosya: Fail2Ban i\u00e7inde action<\/strong> parametresi, UFW yerine iptables kullanmak isteyenler i\u00e7in:<\/p>\n Kurulum s\u0131ras\u0131nda kar\u015f\u0131la\u015f\u0131labilecek yayg\u0131n hatalar ve \u00e7\u00f6z\u00fcmleri a\u015fa\u011f\u0131daki gibidir:<\/p>\n \u0130lk kurulumdan sonra log rotasyonunun Fail2Ban\u2019\u0131 etkileyebilece\u011fini unutmay\u0131n. Y\u00f6neticilerin performans\u0131 maksimize etmek ve g\u00fcvenli\u011fi g\u00fc\u00e7lendirmek i\u00e7in baz\u0131 pratik ipu\u00e7lar\u0131:<\/p>\n A\u015fa\u011f\u0131daki komutla JSON format\u0131nda rapor al\u0131p, bir dosyaya kaydedebilirsiniz:<\/p>\nFail2Ban & Firewall: Temel Kavram<\/h3>\n
![\"Fail2Ban](\"https:\/\/m4.ist\/wp-content\/uploads\/2026\/04\/z-image-turbo_00022_.png\"\/)
<\/figure>\nNeden \u00d6nemlidir \/ Ne \u0130\u015fe Yarar<\/h2>\n
\n
Fail2Ban & Firewall\u2019\u0131n Performans Art\u0131\u015f\u0131<\/h3>\n
![\"Fail2Ban](\"https:\/\/m4.ist\/wp-content\/uploads\/2026\/04\/z-image-turbo_00023_.png\"\/)
<\/figure>\nGereksinimler<\/h2>\n
\n\n
\n \nGereksinim<\/th>\n A\u00e7\u0131klama<\/th>\n<\/tr>\n<\/thead>\n \n \u0130\u015fletim Sistemi<\/td>\n Ubuntu, Debian, CentOS, RHEL (Linux)<\/td>\n<\/tr>\n \n Root\/Sudo Yetkisi<\/td>\n Yap\u0131land\u0131rma dosyalar\u0131n\u0131 d\u00fczenlemek i\u00e7in<\/td>\n<\/tr>\n \n Firewall Y\u00f6neticisi<\/td>\n UFW, iptables veya firewalld<\/td>\n<\/tr>\n \n Fail2Ban Kurulumu<\/td>\n Ubuntu\/Debian i\u00e7in apt, CentOS i\u00e7in yum<\/td>\n<\/tr>\n \n Log Dosyalar\u0131<\/td>\n \/var\/log\/auth.log (SSH), \/var\/log\/apache2\/error.log (Apache)<\/td>\n<\/tr>\n \n A\u011f Ba\u011flant\u0131s\u0131<\/td>\n \u0130nternet eri\u015fimi (apt\/yum g\u00fcncellemeleri)<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n Ad\u0131m Ad\u0131m Kurulum \/ Uygulama<\/h2>\n
1. Yaz\u0131l\u0131m\u0131 Y\u00fckleyin<\/h3>\n
sudo apt update\nsudo apt install fail2ban ufw\n<\/code><\/pre>\n2. Fail2Ban\u2019\u0131 Ba\u015flat\u0131n<\/h3>\n
sudo systemctl enable fail2ban\nsudo systemctl start fail2ban\n<\/code><\/pre>\n3. UFW\u2019yi Etkinle\u015ftir<\/h3>\n
sudo ufw default deny incoming\nsudo ufw default allow outgoing\nsudo ufw enable\n<\/code><\/pre>\n4. SSH Jail\u2019\u0131n\u0131 Konfig\u00fcre Edin<\/h3>\n
\/etc\/fail2ban\/jail.d\/ssh.conf<\/code><\/p>\n[sshd]\nenabled = true\nport = ssh\nfilter = sshd\nlogpath = \/var\/log\/auth.log\nmaxretry = 5\nbantime = 86400\naction = ufw[blocktype=DROP]\n<\/code><\/pre>\n5. Di\u011fer Jail\u2019lar\u0131 Ekleyin (\u00d6rn. Apache)<\/h3>\n
\/etc\/fail2ban\/jail.d\/apache.conf<\/code><\/p>\n[apache]\nenabled = true\nport = http,https\nfilter = apache-auth\nlogpath = \/var\/log\/apache2\/error.log\nmaxretry = 6\nbantime = 3600\naction = ufw[blocktype=DROP]\n<\/code><\/pre>\n6. Fail2Ban Konfig\u00fcrasyonunu Yeniden Y\u00fckleyin<\/h3>\n
sudo fail2ban-client reload\n<\/code><\/pre>\n7. Durumu Kontrol Edin<\/h3>\n
sudo fail2ban-client status\nsudo fail2ban-client status sshd\n<\/code><\/pre>\n8. UFW Durumunu G\u00f6r\u00fcnt\u00fcleyin<\/h3>\n
sudo ufw status verbose\n<\/code><\/pre>\n\u0130leri D\u00fczey \u00d6rnek: Fail2Ban & Firewall<\/strong> ile IP Engelleme Politikas\u0131<\/h3>\n
[sshd]\naction = iptables-allports\n<\/code><\/pre>\nS\u0131k Hatalar ve \u00c7\u00f6z\u00fcmleri<\/h2>\n
\n
logpath<\/code> yolunu do\u011fru g\u00fcncelleyin, \u00f6rne\u011fin \/var\/log\/auth.log<\/code>.<\/li>\nsudo ufw enable<\/code> komutunu \u00e7al\u0131\u015ft\u0131r\u0131n.<\/li>\n\/var\/log\/fail2ban.log<\/code> dosyas\u0131n\u0131 inceleyin, yap\u0131land\u0131rma hatalar\u0131n\u0131 d\u00fczeltin.<\/li>\nignoreregex<\/code> ile belirli IP’leri hari\u00e7 tutun.<\/li>\nsudo ufw allow ssh<\/code> komutu ile manuel izin verin.<\/li>\n<\/ul>\nHata: Fail2Ban Loglar\u0131n\u0131n De\u011fi\u015fmesi<\/h3>\n
\/etc\/fail2ban\/jail.d\/rotatelog.conf<\/code> dosyas\u0131 ile log d\u00f6nd\u00fcrme kurallar\u0131n\u0131 yap\u0131land\u0131rabilirsiniz.<\/p>\n\u0130pu\u00e7lar\u0131 \/ Optimizasyon<\/h2>\n
\n
bantime = 0<\/code> ile IP’leri kal\u0131c\u0131 olarak engelleyin.<\/li>\nfail2ban-client status --json<\/code> ile JSON rapor al\u0131n.<\/li>\naction<\/code> beti\u011finizi ekleyerek e\u2011posta uyar\u0131lar\u0131 g\u00f6nderin.<\/li>\nsudo ufw status verbose<\/code> ile engellenen IP’leri g\u00f6rebilirsiniz.<\/li>\n\/etc\/fail2ban\/jail.d\/rotatelog.conf<\/code> ile log dosyalar\u0131n\u0131 periyodik olarak d\u00f6nd\u00fcr\u00fcn.<\/li>\naction = ufw[blocktype=DROP]<\/code> tercih edin; iptables i\u00e7in action = iptables-allports<\/code> kullan\u0131n.<\/li>\ngrep 'Ban' \/var\/log\/fail2ban.log | cut -d' ' -f5<\/code> komutuyla banlanan IP’leri listeleyin.<\/li>\n<\/ol>\nFail2Ban & Firewall ile \u0130statistik Raporu \u00d6rne\u011fi<\/h3>\n
![\"Fail2Ban](\"https:\/\/m4.ist\/wp-content\/uploads\/2026\/04\/z-image-turbo_00025_.png\"\/)
<\/figure>\nsudo fail2ban-client status --json > \/tmp\/fail2ban_report.json\n<\/code><\/pre>\nFail2Ban\u2019\u0131 Di\u011fer Ara\u00e7larla Entegre Etme<\/h3>\n