DocumentationHow to Install Fail2Ban on Your Linux VPS
Fail2Ban protects your server from brute-force attacks by automatically banning IP addresses after multiple failed login attempts.
Install Fail2Ban
Update system
First, update the package lists:bashsudo apt updatesudo apt updateInstall Fail2Ban
Install Fail2Ban with the following command:bashsudo apt install fail2ban -ysudo apt install fail2ban -yEnable service
Make sure Fail2Ban starts automatically on boot:bashsudo systemctl enable fail2bansudo systemctl enable fail2ban
Configure Fail2Ban
Create configuration file
Create a local configuration file so your settings are not overwritten during updates:bashsudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.localsudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.localEdit configuration
Open the file:bashsudo nano /etc/fail2ban/jail.localsudo nano /etc/fail2ban/jail.localEnable SSH protection
Find the[sshd]section and adjust it:ini[sshd] enabled = true port = ssh maxretry = 5 bantime = 3600 findtime = 600[sshd] enabled = true port = ssh maxretry = 5 bantime = 3600 findtime = 600Setting Description enabledEnables SSH protection portThe SSH port (change this if you have modified your SSH port) maxretryMaximum failed attempts before an IP is banned bantimeBan duration in seconds (3600 = 1 hour) findtimeTime window in seconds in which failed attempts are counted Restart Fail2Ban
Save withCtrl + O, close withCtrl + Xand restart Fail2Ban:bashsudo systemctl restart fail2bansudo systemctl restart fail2ban
Check status
Check if Fail2Ban is running:
bash
sudo systemctl status fail2bansudo systemctl status fail2banShow the status of SSH protection:
bash
sudo fail2ban-client status sshdsudo fail2ban-client status sshdTip
You can unban a blocked IP address with sudo fail2ban-client set sshd unbanip IP_ADDRESS.