Skip to content

How to secure your VPS with Fail2ban

Published: at 04:13 PM

When you configure a new server Fail2ban is a must-have tool to secure your VPS.

Fail2Ban scans log files and bans IPs that show the malicious signs (e.g. too many password failures, seeking for exploits, etc..). This tool update your firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured.

How to install




Fail2ban reads .confconfiguration files first, then .local files override any settings. So the best way is edit the local configuration to override the defailt settings.

Running Fail2Ban service


systemctl enable fail2ban
systemctl start fail2ban


service fail2ban restart

Check the Fail2Ban Status

To check the status of the Fail2Ban jails:

fail2ban-client status

The result should be like this:

|- Number of jail: 1
`- Jail list: sshd

If you want to see banned IPs in sshd jail:

fail2ban-client status sshd

Ban/Unban manually an IP address

In order to add/remove an IP address from the banned list use the following commands replacing IPADDRESS with the IP which needs unbanning, and the name “sshd” with name of the jail (in this case the “sshd” jail that we configured above):

fail2ban-client set sshd banip IPADDRESS
fail2ban-client set sshd unbanip IPADDRESS