In this article, we’ll explain how it is easy to install Fail2ban on Ubuntu 20.04.
Fail2ban is written in Python programming language and it is open source, free, and able to run on POSIX systems that have an interface to a packet-control system or firewall installed locally, for example, iptables or TCP Wrapper. It provides security against cyber attacks like DDoS attacks, bot attacks brute-forcing, and such.
Prerequisites
- A Ubuntu 20.04 installed dedicated server or KVM VPS.
- A root user access or normal user with administrative privileges.
Let get started with the installation:
1. Keep the server up to date
# apt update -y
# apt upgrade -y
2. Install Fail2ban
Run following command to install Fail2ban:
# apt install fail2ban -y
3. Start and enable fail2ban.service
# systemctl start fail2ban
# systemctl enable fail2ban
4. Configure Fail2ban
To configure Fail2ban, we first copy the configuration file jail.conf and save as jail.local file name and modify settings in jail.local. By doing this we keep the main configuration file safe and try and test in copied file. To do this task run following command:
# cp /etc/fail2ban/jail.{conf,local}
Now, edit the copied file using your favorite editor.
# vi /etc/fail2ban/jail.local
There are multiple options that you can modify according to your requirement. Some of the parameters we have mentioned below:
1. bantime
The ban-time of all IP addresses is set by a parameter known as bantime. The value set for bantime by default is just 10 minutes.
# bantime = 1d
2. findtime
Another very important variable is findtime. It defines the time-duration allowed between consecutive login attempts.
# findtime = 10m
3. maxretry
It defines the exact number of failed login attempts allowed within the findtime. If the number of failed-authorization attempts within the findtime exceeds the maxretry value, the IP would be banned from logging back in.
# maxretry = 5
4. ignoreip
To add an IP to this whitelist, modify the ignoreip line and type in the IP address to exempt:
# ignoreip = 127.0.0.1/8 ::1 222.222.222.222 192.168.0.0/24
That’s it. The installation and configuration process has been completed.
In this article, we have seen how it is easy to install Fail2ban on Ubuntu 20.04.