A few days ago my friends told me to be careful with brute-force attacks, because if somebody knows your server IP he can start trying to find the passwords for your accounts (that’s why it’s better to disable root access via SSH). Happily, I found one good method of protection, and it’s Fail2Ban. The program is quite popular on Linux, and on Ubuntu, for example, it’s in the official PPA. Fail2Ban is a good method for protecting your server, but that doesn’t mean you can leave it and forget about it. So, in this small post I will show you how to install it on Ubuntu (on other Linux distros it’s the same, but the commands can be different; jail.conf is the same). It’s very easy.

The first step is to update the repositories:

 sudo apt update 

The second step is to install it:

 sudo apt install fail2ban 

After installing, we need to configure it. The config file is located in /etc/fail2ban, and that file is jail.conf (the name is a bit scary, isn’t it?). Below I will list the main configuration parameters, which you can set up to your liking:

ignoreip – the address which won’t be blocked in any case (I recommend setting it to your local address)

bantime – the amount of time for which access to your host is blocked after some failed logins

maxretry – the maximum number of incorrect attempts

enabled – can be true or false; it appears in several sections of the file and turns that section on or off
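
The four parameters above, put together for an SSH jail. This is an added example, not a file from the original post. It assumes the override file /etc/fail2ban/jail.local (Fail2Ban reads it after jail.conf, and package upgrades do not overwrite it) and uses constructed values, including the placeholder address 192.0.2.10.

```ini
# /etc/fail2ban/jail.local
# Settings here override the same keys in jail.conf.

[DEFAULT]
# Addresses that are never banned: loopback plus one trusted admin host.
# 192.0.2.10 is a documentation placeholder; put your own address here.
ignoreip = 127.0.0.1/8 ::1 192.0.2.10

# How long a banned address stays blocked, in seconds (3600 = one hour).
bantime = 3600

# Number of failed attempts allowed before the address is banned.
maxretry = 5

[sshd]
# Turn the SSH jail on; jails with enabled = false are ignored.
enabled = true
```

Restart the service with sudo systemctl restart fail2ban, then run sudo fail2ban-client status sshd to confirm that the jail is active and to see the currently banned addresses.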