Added Fail2Ban jails for ProFTPd and SSHD

roles/bootstrap/files/fail2ban/filter.d/custom_proftpd.conf

@@ -0,0 +1,16 @@
+# fail2ban filter for the ProFTPD FTP daemon
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = proftpd
+
+failregex = \(\S+\[<HOST>\]\)[: -]+ USER \S+: no such user found from \S+ \[[0-9.]+\] to \S+:\S+\s*$
+            \(\S+\[<HOST>\]\)[: -]+ USER \S+ \(Login failed\):.*\s+$
+            \(\S+\[<HOST>\]\)[: -]+ Maximum login attempts \([0-9]+\) exceeded, connection refused.*\s+$
+            \(\S+\[<HOST>\]\)[: -]+ SECURITY VIOLATION: \S+ login attempted\.\s+$
+            \(\S+\[<HOST>\]\)[: -]+ Maximum login attempts \(\d+\) exceeded\s+$
+
+ignoreregex =

roles/bootstrap/files/fail2ban/jail.d/proftpd.local

@@ -0,0 +1,7 @@
+[proftpd]
+
+enabled  = true
+port     = 990
+filter   = custom_proftpd
+logpath  = /var/log/proftpd.log
+maxretry = 6

roles/bootstrap/files/fail2ban/jail.d/sshd.local

@@ -0,0 +1,35 @@
+[sshd]
+
+# ==========================
+# SSH Jail Configuration
+# ==========================
+
+# Enable the SSH jail to monitor and protect against brute-force attacks.
+enabled = true  
+
+# Port Fail2Ban should monitor for SSH connections.
+# If you run SSH on a custom port, replace 'ssh' with the actual port number (e.g., 2222).
+port = ssh  
+
+# Filter definition to use. 
+# 'sshd' refers to the default filter that matches common SSH authentication failures.
+filter = sshd  
+
+# Log file location. 
+# '%(sshd_log)s' uses the default value set by the system, typically /var/log/auth.log or journalctl.
+logpath = %(sshd_log)s  
+
+# Backend for reading logs.
+# 'systemd' is recommended if your system uses journalctl for logging.
+backend = systemd  
+
+# ==========================
+# SSH-Specific Overrides
+# ==========================
+
+# Time window to evaluate failed login attempts.
+# If 'maxretry' failures occur within this time, the IP will be banned.
+findtime = 5m  
+
+# Number of failed attempts allowed before triggering a ban.
+maxretry = 4