Skip to content

Fail2Ban

What is Fail2Ban?

Fail2Ban is an intrusion prevention software framework that protects your server from brute-force attacks by monitoring logs and automatically banning suspicious IPs.

It works by scanning log files (e.g., SSH, FTP, Nginx, etc.), detecting failed login attempts or other suspicious activities, and then updating firewall rules to ban the offending IP addresses temporarily or permanently.

Installing Fail2Ban

To install Fail2Ban on your server via FlashPanel:

  1. Go to the Applications section of your server.
  2. Search for Fail2Ban.
  3. Click Install and wait for the process to complete.

Once installed, the service will start automatically.

Managing Fail2Ban

FlashPanel provides a dedicated interface to manage Fail2Ban:

General Controls

  • Start / Stop / Restart the Fail2Ban service
  • Uninstall the application
  • View Configuration: Open /etc/fail2ban files directly
  • View Logs: Review /var/log/fail2ban.log

Jail Management

  • View a list of active Jails
  • Check each jail's:
    • Name
    • Failed attempts
    • Banned IPs
  • Unban specific IP addresses
  • Add/Edit/Remove custom jails

You can fine-tune jail settings for services like SSH, FTP, Postfix, Nginx, and more.