6. Security and Monitoring
✅ Protect and observe your EC2 instance.
🛡️ Install fail2ban (SSH Protection)
- Prevents brute-force SSH attacks by banning IPs with multiple failed login attempts.
```bash
sudo apt update
sudo apt install -y fail2ban
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
sudo fail2ban-client status
```
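To see which addresses the ban rule described above would catch, the following added example (not part of the original guide, and not fail2ban's own code) counts failed SSH password attempts per source IP inside a sliding time window. The function names, the sample log lines and the thresholds of 5 failures in 600 seconds are assumptions; compare them with the `maxretry` and `findtime` values in your own jail configuration.

```shell
#!/bin/sh
# Added example: list source IPs that reach MAXRETRY failed SSH password
# attempts within FINDTIME seconds. Reads auth.log-style lines on stdin.

# Constructed sample in /var/log/auth.log format (documentation-range IPs).
sample_auth_log() {
cat <<'EOF'
Mar 10 12:00:01 web1 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Mar 10 12:00:03 web1 sshd[1203]: Failed password for invalid user admin from 203.0.113.7 port 40118 ssh2
Mar 10 12:00:05 web1 sshd[1205]: Failed password for root from 203.0.113.7 port 40120 ssh2
Mar 10 12:00:08 web1 sshd[1207]: Failed password for root from 203.0.113.7 port 40126 ssh2
Mar 10 12:00:10 web1 sshd[1209]: Failed password for root from 203.0.113.7 port 40131 ssh2
Mar 10 12:01:00 web1 sshd[1300]: Failed password for ubuntu from 198.51.100.23 port 51000 ssh2
Mar 10 12:01:09 web1 sshd[1302]: Accepted publickey for ubuntu from 198.51.100.23 port 51004 ssh2
Mar 10 12:02:00 web1 sshd[1400]: Failed password for root from 192.0.2.44 port 33001 ssh2
Mar 10 12:07:00 web1 sshd[1410]: Failed password for root from 192.0.2.44 port 33002 ssh2
Mar 10 12:13:00 web1 sshd[1420]: Failed password for root from 192.0.2.44 port 33003 ssh2
Mar 10 12:18:00 web1 sshd[1430]: Failed password for root from 192.0.2.44 port 33004 ssh2
Mar 10 12:24:00 web1 sshd[1440]: Failed password for root from 192.0.2.44 port 33005 ssh2
EOF
}

# Usage: failed_ssh_offenders MAXRETRY FINDTIME_SECONDS < /var/log/auth.log
failed_ssh_offenders() {
    awk -v maxretry="$1" -v findtime="$2" '
    /sshd\[[0-9]+\]: Failed password for / {
        # Field 3 is HH:MM:SS; the sample stays within a single day.
        split($3, t, ":")
        now = t[1] * 3600 + t[2] * 60 + t[3]
        # The source IP is the field after the last "from".
        ip = ""
        for (i = 1; i < NF; i++) if ($i == "from") ip = $(i + 1)
        if (ip == "") next
        n = ++count[ip]
        stamp[ip, n] = now
        # Slide the window: forget failures older than findtime.
        while (first[ip] < n && now - stamp[ip, first[ip] + 1] > findtime)
            first[ip]++
        # Report each IP once, when it first reaches the threshold.
        if (n - first[ip] >= maxretry && !(ip in flagged)) {
            flagged[ip] = 1
            print ip
        }
    }'
}

# Assumed thresholds: 5 failures within 600 seconds.
sample_auth_log | failed_ssh_offenders 5 600
```

Any address this prints for the real log should also appear in the banned list shown by `sudo fail2ban-client status sshd` while its ban is active.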
📋 Set up CloudWatch Agent (System Logging)
- Logs memory, CPU, disk, and network usage to AWS CloudWatch.
- Requires an IAM role with CloudWatch permissions.
```bash
curl -O https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb
sudo dpkg -i amazon-cloudwatch-agent.deb
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl \
  -a fetch-config -m ec2 \
  -c file:/opt/aws/amazon-cloudwatch-agent/bin/config.json \
  -s
```
📊 Monitor Uptime and Disk Space (Daily Log)
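- Logs server uptime and disk usage daily to `/var/log/monitor.log`.
- Runs automatically from `/etc/cron.daily/monitor.sh`.
- The script must be executable. On Debian and Ubuntu, `run-parts` skips files in `/etc/cron.daily` whose names contain a dot, so confirm the job actually runs; dropping the `.sh` suffix avoids the problem.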
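```bash
#!/bin/bash
# Append a daily uptime and disk-usage snapshot to the monitoring log.
LOG_FILE="/var/log/monitor.log"
# Quote the path so the redirects stay correct if it ever contains spaces.
echo "[$(date)] Monitoring snapshot" >> "$LOG_FILE"
echo "🕒 Uptime:" >> "$LOG_FILE"
uptime >> "$LOG_FILE"
echo "💾 Disk Usage:" >> "$LOG_FILE"
df -h >> "$LOG_FILE"
echo "-------------------------------" >> "$LOG_FILE"
```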
✅ Monitor logs manually:
```bash
cat /var/log/monitor.log
```