Skip to main content

Installation and main configuration

Install Fail2Ban on Debian-based systems by running

sudo apt -y install fail2ban

Create /etc/fail2ban/jail.localand edit it.

Add the following configuration or replace existing lines

[DEFAULT]
# the IP address range we want to ignore
ignoreip = 127.0.0.1/8 [LAN SEGMENT]
# who to send e-mail to
destemail = [your e-mail]
# who is the email from
sender = [your e-mail]
mta = mail
#Enable Email alerts
action = %(action_mwl)s

That's pretty much it, now you can create jails for all the applications you use.

Checking for installed jails

sudo fail2ban-client status

Checking jail for banned IPs

sudo fail2ban-client status jailname

Unban client

fail2ban-client set <jail> unbanip <IP>

No comments to display

Back to top