...

How to Install and Configure Fail2Ban on Ubuntu/Debian VPS

How to Install and Configure Fail2Ban on Ubuntu/Debian VPS Fail2Ban is a powerful security tool that protects your Linux server from brute-force attacks by monitoring log files and banning suspicious IP addresses. It’s essential for securing your VPS, especially if you’re running services like SSH, Apache, or Nginx.

In this guide, we’ll go through the step-by-step process of installing, enabling, and using Fail2Ban on an Ubuntu or Debian-based system.
✅ Step 1: Update and Install Fail2Ban

Open your terminal and update your package list:

sudo apt update

Install Fail2Ban:

sudo apt install fail2ban



✅ Step 2: Start and Enable Fail2Ban

After installation, start the Fail2Ban service:

sudo systemctl start fail2ban



Enable it to run automatically on boot:

sudo systemctl enable fail2ban



✅ Step 3: Ban and Unban IP Addresses Manually

Unban an IP:
If you need to remove an IP from the ban list for the apache-badbots jail:

sudo fail2ban-client set apache-badbots unbanip 198.51.100.23



Ban an IP manually:
To block a specific IP immediately:

sudo fail2ban-client set apache-badbots banip 85.204.70.90



✅ Step 4: Check the Status of a Jail

To see the current status of the apache-badbots jail, including the list of banned IPs:

sudo fail2ban-client status apache-badbots

sudo systemctl status fail2ban
You should see something like:

Active: active (running) since Thu 2025-08-14 12:30:25 IST; 1h 12min ago

If you see inactive or failed, you’ll need to restart it:



sudo systemctl restart fail2ban


2. Check All Available Jails

Jails are rules for specific services (like Apache, SSH, or Nginx). To see all active jails:


sudo fail2ban-client status


Final Notes

The jail apache-badbots is just an example; your setup might include others like sshd or nginx-http-auth.

For more customization, edit the /etc/fail2ban/jail.local file to configure ban times, IP whitelist, and detection rules.

Always test your configurations before applying them to production servers.

By following this guide, you can strengthen your VPS security and reduce the risk of automated attacks.


    No tags

William Anderson

I am a versatile Full-Stack Web Developer with a strong focus on Laravel, Livewire, Vue.js, and Tailwind CSS. With extensive experience in backend development, I specialize in building scalable, efficient, and high-performance web applications.

Search

Categories

Recent Posts

..

How to Serve a React App with Node.js on a VPS (Pr...

..

Top Linux Commands to Clean & Optimize Disk Space...

..

How to Build an Image-to-Text Extractor in Laravel...

..

How to Build an AI Chatbot in Laravel Using ChatGP...

..

Connecting React and Node.js with Socket.IO for Re...

Tags