Linux Commands and Scripts

How to Install Fail2ban on Ubuntu 20.04

In this article, we’ll explain how it is easy to install Fail2ban on Ubuntu 20.04.

Fail2ban is written in Python programming language and it is open source, free, and able to run on POSIX systems that have an interface to a packet-control system or firewall installed locally, for example, iptables or TCP Wrapper. It provides security against cyber attacks like DDoS attacks, bot attacks brute-forcing, and such.

Prerequisites

Let get started with the installation:

1. Keep the server up to date

# apt update -y

# apt upgrade -y

2. Install Fail2ban

Run following command to install Fail2ban:

# apt install fail2ban -y

3. Start and enable fail2ban.service

# systemctl start fail2ban

# systemctl enable fail2ban

4. Configure Fail2ban

To configure Fail2ban, we first copy the configuration file jail.conf and save as jail.local file name and modify settings in jail.local. By doing this we keep the main configuration file safe and try and test in copied file. To do this task run following command:

# cp /etc/fail2ban/jail.{conf,local}

Now, edit the copied file using your favorite editor.

# vi /etc/fail2ban/jail.local

There are multiple options that you can modify according to your requirement. Some of the parameters we have mentioned below:

1. bantime

The ban-time of all IP addresses is set by a parameter known as bantime. The value set for bantime by default is just 10 minutes.

# bantime = 1d

2. findtime

Another very important variable is findtime. It defines the time-duration allowed between consecutive login attempts.

# findtime = 10m

3. maxretry

It defines the exact number of failed login attempts allowed within the findtime. If the number of failed-authorization attempts within the findtime exceeds the maxretry value, the IP would be banned from logging back in.

# maxretry = 5

4. ignoreip

To add an IP to this whitelist, modify the ignoreip line and type in the IP address to exempt:

# ignoreip = 127.0.0.1/8 ::1 222.222.222.222 192.168.0.0/24

That’s it. The installation and configuration process has been completed.

In this article, we have seen how it is easy to install Fail2ban on Ubuntu 20.04.

Related Articles