Step 5: Setting up fail2ban

We are now going to setup fail2ban, basically something than bans IPs from accessing your server if they fail to authenticate multiple times.

Installing

Installation varies from distro to distro, here you can check how.

Configuration

We are going to setup fail2ban to check ssh connections. You can configure it for many many things, even custom ones.

You can add this to /etc/fail2ban/jail.d/jail.local:

[sshd]
enabled = true

Restart fail2ban with sudo systemctl restart fail2ban, and it should work! You can check that the jail is set up properly by running sudo fail2ban-client status.

Revision #3
Created 17 December 2025 17:34:00 by seres
Updated 19 December 2025 02:19:51 by seres