How to Install and Configure Fail2ban

This article provides a guide for how to install and configure Fail2ban on VPS server or Dedicated Server.

What is Fail2ban?

Fail2ban is a security tool for Linux systems that monitors log files for suspicious activity, like failed login attempts, and automatically blocks potentially harmful IP addresses. It acts as an intrusion prevention system by identifying and temporarily rejecting IP addresses that exhibit excessive or unusual behavior, thereby reducing the risk of unauthorized access.

How to Install and Configure Fail2ban

To install and configure Fail2Ban, follow the steps below:

  1. Login via SSH as root.
  2. Configure the SSH service to run on a custom port: 
    echo "Port 2211" >> /etc/ssh/sshd_config
iptables -A INPUT -p tcp --dport 2211 -j ACCEPT
systemctl restart sshd
  3. Run the following command to install the Fail2Ban package: 
    sudo apt-get install fail2ban -y
  4. Copy the default configuration: 
    sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
  5. Edit the configuration: 
    cat  <<EOF > /etc/fail2ban/jail.local
[sshd]
enabled = true
port = 2211
EOF
  6. Start and enable the Fail2Ban service: 
    systemctl restart fail2ban
systemctl enable fail2ban

Conclusion

You now know how to install and configure Fail2Ban on your server.

  • fail2ban, secure server, security
  • 2 Users Found This Useful
Was this answer helpful?

Related Articles

Forcefully Delete an IP Address from SolusVM

If at any point you find you have an orphaned ipaddress, you can delete it by running the...

Do You Offer a Hardware Firewall Solution?

Yes, we have a very limited selection of hardware firewalls available. We appreciate the specific...

How to Create Sudo User on CentOS

This article provides step-by-step setup guide for adding Sudo user to CentOS system. The sudo...

How to Use Sudo

This article provides a guide to using a Sudo user on CentOS server. From the command line,...

Set Server Time Zones with Timedatectl

This article provides a guide to setting the server time and server time zone settings using...