How to Setup Fail2ban on your Ubuntu 18.04 VPS Server or Dedicated Server

How to Setup Fail2ban on your Ubuntu 18.04 VPS Server or Dedicated Server

Fail2ban is an intelligent Utility that scans log files to mitigate malicious attacks on your server. The tool blocks IP addresses that lead to too many password failures.

If you are running Ubuntu 18.04 VPS, then Fail2ban should give your server an edge in fighting hackers automatically. The software can update firewall rules on its own to block IP addresses trying to exploit your server.

Fail2ban has excellent features that limit unauthorized access to your server especially through services such as SSH (Secure Shell), Apache web server, Courier Mail server, FTP and more.

In this guide, we will show you how you can setup and customize fail2ban to protect your Ubuntu 18.04 server.

Prerequisite

  • A VPS web hosting plan (need help? consult with our VPS hosting reviews)
  • A non-root username that can perform sudo tasks
  • Shell access to your Linux server. You can use PuTTY if you are running windows or default command line terminal on Linux and Mac.

Step 1:
Update the Package Information and Install Fail2ban

First, we need to make sure we have the latest package list from the Ubuntu repository. To get the newest versions of the packages and their dependencies, run the command below:

$ sudo apt-get update

We can now install Fail2ban:

$ sudo apt-get install fail2ban

Press Y and hit Enter when prompted to confirm the installation.

Step 2:
Understanding Fail2Ban configuration file

Fail2Ban comes with default filtering rules but you might create your own configuration file to customize different security settings depending on your needs.

The default configuration file (‘/etc/fail2ban/jail.conf’) should never be edited because it can be improved or overwritten in a distribution update or during upgrades.

The default behavior of Fail2ban is to read ‘.conf’ files first followed by ‘.local’ files. That means you should create your own ‘.local’ file if you want to provide your own customizations and override the default settings.

If you want multiple configuration files to handle the security of each service separately, put the ‘.local’ files under ‘/etc/fail2ban/jail.d’ directory.

Step 3:
Creating a custom configuration file

Although we can create a default configuration file from scratch, we can just copy the default configuration file and only edit the settings that we want to override.

To do this, run the command below

$ sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

To edit the new configuration file, open it using a nano editor:

$ sudo nano /etc/fail2ban/jail.local

We may wish to edit the settings under the [DEFAULT] entry:

[DEFAULT]

...
$ bantime =10m
$ findtime =10m
$ maxretry=5
...

The settings above all applied for every service that does not have the entries overridden in the services own section.

  • ‘bantime’ represents the time that a host is banned before it can be allowed to try the service again.
  • ‘findtime’ is the maximum amount of time fail2ban should wait before banning a host if it has generated the maximum retries allowed for a particular service.
  • ‘maxretry’ indicates the number of failures that a host should generate before it is banned by the server

The default settings above indicate that a host will be blocked for 10 minutes if it generates more than 5 failed attempts within 10 minutes.

You can modify these settings to suit your needs

Towards the bottom of the files, the configuration files contain information for each service running on the server.

You may tweak the settings of each service depending on your needs.

Once you are through editing the file. Press CTRL+X, Y, and Enter to save the file.

Conclusion

In this guide, we have shown you how to install Fail2Ban on Ubuntu 18.04 VPS server. We have also discussed how Fail2Ban treats configuration file and went ahead to create a file to handle our custom settings.  You can use all these steps to stop malicious users from hacking your Ubuntu 18.04 server.

 

Check out these top 3 VPS services:

Kamatera
AU$6.01 /mo
Starting price
Visit Kamatera
Rating based on expert review
  • User Friendly
    3.5
  • Support
    3.0
  • Features
    3.9
  • Reliability
    4.0
  • Pricing
    4.3
Hostinger
AU$4.50 /mo
Starting price
Visit Hostinger
Rating based on expert review
  • User Friendly
    4.7
  • Support
    4.7
  • Features
    4.8
  • Reliability
    4.8
  • Pricing
    4.7
Liquid Web
AU$7.52 /mo
Starting price
Visit Liquid Web
Rating based on expert review
  • User Friendly
    3.8
  • Support
    4.8
  • Features
    4.5
  • Reliability
    4.6
  • Pricing
    3.8
  • Check the recommendations for the best VPS and get a suitable one.

How to Install a Let’s Encrypt Certificate on your Ubuntu 18.04 Dedicated Server or VPS

If you are hosting your website on a VPS server running Ubuntu 18.04, we will sh
3 min read
Michael Levanduski
Michael Levanduski
Expert Hosting Writer & Tester

How to Enable Two-Factor Authentication on an Ubuntu 18.04 VPS or Dedicated Server

This guide will show you how you enable two-factor authentication to improve the
4 min read
Max Ostryzhko
Max Ostryzhko
Senior Web Developer, HostAdvice CTO

How to Enable Apache Mod_Rewrite on an Ubuntu 18.04 VPS or Dedicated Server

In this tutorial, we will cover the basics of enabling mod_rewrite on an Ubuntu
3 min read
Max Ostryzhko
Max Ostryzhko
Senior Web Developer, HostAdvice CTO

How to Install and Configure Linux Malware Detect on CentOS 7

This tutorial will help you install and configure Linux Malware Detect (LMD) on
4 min read
Eliran Ouzan
Eliran Ouzan
Web Designer & Hosting Expert
HostAdvice.com provides professional web hosting reviews fully independent of any other entity. Our reviews are unbiased, honest, and apply the same evaluation standards to all those reviewed. While monetary compensation is received from a few of the companies listed on this site, compensation of services and products have no influence on the direction or conclusions of our reviews. Nor does the compensation influence our rankings for certain host companies. This compensation covers account purchasing costs, testing costs and royalties paid to reviewers.
Click to go to the top of the page
Go To Top