Server - Contents

The Fail2Ban

stop bruteforce attack attempts to enter the server

There are constant attempts to try to enter the server by guessing passwords -especially those associated with the user:root. To prevent this abuse, the application 'Fail2Ban' blocks the IP where attempts greater then 3 tries at entering a password for a period usually about 10min (depends on how it is configured). For further information see: Fail2Ban on Ubuntu

Step01: Install Fail2Ban

root# apt -y install fail2ban

Lastly, check the status of fail2ban:

root# systemctl status fail2ban  Note: Ctl+c to exit status

If fail2ban is not active

root# systemctl start fail2ban

Login to Webmin in your browser (user:root), and first click on "Refresh Modules". Then go to "Networking"->"Fail2Ban"
One should find the sshd 'jail' active -- preventing more that 5 fail attempts to login as it implements a lockout of 10min. These parameters can be changed to suit one's preferences.

Server - Contents