Ubuntu Install fail2ban

Kevin FOO
2 min readApr 19, 2022


I had been running my Ubuntu with SSH at port 22 exposed to the internet for the past few years not knowing that there are actually so many random attackers.

Luckily it was protected by a strong password but still I should have taken the proactive approach to install fail2ban earlier. To install

sudo apt update
sudo apt install fail2ban -y

Once completed, make a copy of the configuration file

cd /etc/fail2ban
sudo cp jail.conf jail.local

Next configure the basic settings

sudo vim jail.local

Although it says setting are in seconds, but 24h and 60m works too in my Ubuntu 18.04 . For a permanent ban time set it to minus 1

Save the “jail.local” settings file and restart fail2ban service

sudo systemctl restart fail2ban.service

To see how many IPs had been blocked

sudo iptables -L

To unban an IP address manually

sudo fail2ban-client set sshd unbanip

To ban an IP address manually

sudo fail2ban-client set sshd banip

< Back to all the stories I had written



Kevin FOO

A software engineer, a rock climbing, inline skating enthusiast, a husband, a father.