Docs / Security / How to Set Up Fail2Ban on Linux

How to Set Up Fail2Ban on Linux

By Admin · Feb 25, 2026 · Updated Apr 23, 2026 · 304 views · 1 min read

Fail2Ban monitors log files and bans IP addresses that show malicious behavior like repeated failed login attempts.

Install

# Ubuntu/Debian
apt install fail2ban -y

# RHEL-based
dnf install fail2ban -y

Configure

Create a local config file:

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Edit /etc/fail2ban/jail.local:

[DEFAULT]
bantime = 3600
findtime = 600
maxretry = 5

[sshd]
enabled = true
port = ssh
logpath = /var/log/auth.log

Start

systemctl enable --now fail2ban

Check Status

fail2ban-client status
fail2ban-client status sshd

Unban an IP

fail2ban-client set sshd unbanip 203.0.113.50

Was this article helpful?

Related Articles