All Guides
Fail2Ban Setup
Protect your server against brute-force attacks with Fail2Ban.
Intermediate15 min
Setup Steps
1. Install Fail2Ban:
sudo apt install fail2ban -y2. Create configuration file:
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo nano /etc/fail2ban/jail.local3. Basic settings:
[DEFAULT]
bantime = 3600
findtime = 600
maxretry = 5
[sshd]
enabled = true
port = ssh
logpath = %(sshd_log)s
maxretry = 34. Apache protection:
[apache-auth]
enabled = true
port = http,https
logpath = %(apache_error_log)s
maxretry = 55. Nginx protection:
[nginx-http-auth]
enabled = true
port = http,https
logpath = /var/log/nginx/error.log6. Start the service:
sudo systemctl start fail2ban
sudo systemctl enable fail2ban7. Check status:
sudo fail2ban-client status
sudo fail2ban-client status sshd8. Unban an IP:
sudo fail2ban-client set sshd unbanip 192.168.1.100Related Guides
UFW Firewall Setup
Secure your server with Ubuntu Uncomplicated Firewall (UFW).
VPN Setup (WireGuard)
Set up a WireGuard VPN server and configure clients.
ModSecurity WAF Setup
Install ModSecurity Web Application Firewall with Apache or Nginx.
Certbot Automatic SSL Renewal
Configure automatic renewal of Let's Encrypt SSL certificates with Certbot.