Facebook Twitter Instagram
    TecAdmin
    • Home
    • Ubuntu 20.04
      • Upgrade Ubuntu
      • Install Java
      • Install Node.js
      • Install Docker
      • Install LAMP Stack
    • Tutorials
      • AWS
      • Shell Scripting
      • Docker
      • Git
      • MongoDB
    • FeedBack
    • Submit Article
    • About Us
    Facebook Twitter Instagram
    TecAdmin
    Home»Security»How to Install and Configure Fail2ban on Debian 11

    How to Install and Configure Fail2ban on Debian 11

    RahulBy RahulOctober 28, 20213 Mins Read

    Every server which is accessible from the Internet is at great risk of brute-force and malware attacks. Hackers try to use brute-force attempts to get access to applications that are accessible on public networks.

    Fail2ban is a tool that is used to protect Linux-based machines from automated attacks by improving their security. It monitors the logs for any malicious activity and allows the user to temporarily or permanently block remote IP addresses

    This how-to guide will explain how to install, configure and set up Fail2ban on a Debian 11 based system.

    How to install Fail2ban on Debian 11

    Fail2ban is available in the default repository of Debian 11, so it can easily be installed by using the default package manager of Debian:

    sudo apt install fail2ban -y  
    

    After successful installation, the Fail2ban service should start automatically. You can verify this by running the command:

    sudo systemctl status fail2ban 
    

    If the service is not active on your system, then you can use the following commands to starts and enable it:

    sudo systemctl start fail2ban 
    ssudo systemctl enable fail2ban 
    

    How to configure Fail2ban on Debian 11

    Fail2ban comes with two different configuration files which are located in the /etc/fail2ban directory. These config files have a basic configuration that should not be modified as these files may be overwritten when a package update arrives.

    We can use a separate .local file as a configuration file to avoid any future hassle. So we will make a local config file by copying the jail.conf file:

    sudo cp /etc/fail2ban/jail.{conf,local} 
    

    Now, open the newly created file in a text editor:

    sudo nano /etc/fail2ban/jail.local 
    

    Here you can update the settings according to your needs. You can add an ignoreip directive to ignore/whitelist IP addresses from ban. Here I have listed two different IP addresses as examples. You can put any IP address that you want to whitelist:

    ignoreip = 127.0.0.15/8  192.168.1.2/24
    

    The bantime directive can be used to set a duration of time for which an IP address will remain banned. We can use a suffix like m,d to specify the unit of time which by default is in seconds.

    bantime = 120m
    

    The findtime directive specifies the duration of time for the number of failures before a ban is placed. If Fail2ban is going to ban an IP after 4 failed attempts, the findtime directive defines the time interval in which the failures must occur.

    findtime = 2m
    

    The maxretry is used to define the number of failed attempts before an IP gets blacklisted.

    maxretry = 5
    

    After making all the necessary changes, you can simply just save and save the config file.

    Now restart the service to let the changes take effect:

    sudo systemctl restart fail2ban.service  
    

    Conclusion

    Fail2ban allows us to configure our system in a way that it becomes more secure against brute attacks as well as other malicious activities. It protects our system by checking the logs and blacklisting IP addresses that are suspicious. These security measures are essential, especially for systems that are accessible on public networks. In this article, we learned to install, configure and set up Fail2ban on Debian 11.

    fail2ban
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email WhatsApp
    Previous ArticleHow to Git Stash Changes
    Next Article How to Delete a File on Git

    Related Posts

    How To Secure SSH Server

    Updated:July 24, 20215 Mins Read

    How to Install and Configure Fail2ban on Ubuntu 20.04

    3 Mins Read

    How to Secure GitLab Server with Let’s Encrypt SSL

    2 Mins Read

    X-XSS-Protection – Secure Apache from Cross-Site Scripting

    Updated:August 31, 20202 Mins Read

    How to Open Specific Port in FirewallD

    Updated:February 12, 20212 Mins Read

    How to Setup Let’s Encrypt SSL with Apache on CentOS 8

    Updated:March 14, 20203 Mins Read

    Leave A Reply Cancel Reply

    Recent Posts
    • How to Enable / disable Firewall in Windows
    • How to Install JAVA on Ubuntu 22.04
    • Switching Display Manager in Ubuntu – GDM, LightDM & SDDM
    • Changing the Login Screen Background in Ubuntu 22.04 & 20.04
    • How To Install PHP (8.1, 7.4 or 5.6) on Ubuntu 22.04
    Facebook Twitter Instagram Pinterest
    © 2022 Tecadmin.net. All Rights Reserved | Terms  | Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.