Install Fail2Ban On Ubuntu
Fail2Ban is intrusion prevention software that helps protect servers from brute-force attacks. If the software notices repeated attempts from a potential attacker to access the server via suspicious means, it automatically blocks requests from the attacker’s IP address for a given period of time.
Install Fail2Ban
ssh -i ~/.ssh/supernifty supernifty@143.198.116.106 RETURN
Update the package information for the software already installed on the server:
sudo apt update RETURN
Install the Fail2Ban software and automatically fire it up:
sudo apt install fail2ban RETURN
Confirm Fail2Ban is running:
sudo systemctl status fail2ban RETURN
To configure Fail2Ban, first make a local copy of the config file so that if the server software gets updated, you won’t lose your config settings:
sudo cp /etc/fail2ban/jail.{conf,local} RETURN
Then open the config settings with the nano text editor:
sudo nano /etc/fail2ban/jail.local RETURN
Scroll WAAAY down and update the default bantime from 10m (10 minutes) to whatever you prefer, eg: 1d (1day):
bantime = 1d
Scroll WAAAY down again and update the destemail to the email address you’d like notices sent to:
destemail = hello@supernifty.com
and then save the /etc/fail2ban/jail.local config file and exit out of the nano text editor with CONTROL-O RETURN CONTROL-X
Restart the Fail2Ban service so that your config changes take effect:
sudo service fail2ban restart RETURN
After Fail2Ban has been successfully installed, it’s time to set up a firewall on your server.