DebianLinuxTutorials

How To Install Fail2Ban on Debian 11

Install Fail2Ban on Debian 11

In this tutorial, we will show you how to install Fail2Ban on Debian 11. For those of you who didn’t know, Fail2Ban is an intrusion prevention framework written in the Python programming language. This service will help prevent unwanted logins by banning nefarious IP addresses from gaining access to your server. Whereas, other basic functions are monitoring log files, searching for predefined patterns, and temporarily blocking IP addresses.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of Fail2Ban on a Debian 11 (Bullseye).

Prerequisites

  • A server running one of the following operating systems: Debian 11 (Bullseye).
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • An active internet connection.
  • A non-root sudo user or access to the root user. We recommend acting as a non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.

Install Fail2Ban on Debian 11 Bullseye

Step 1. Before we install any software, it’s important to make sure your system is up to date by running the following apt commands in the terminal:

sudo apt update
sudo apt upgrade

Step 2. Installing Fail2Ban on Debian 11.

By default, Fail2ban is available on Debian 11 Bullseye base repository. Now run the following command in your terminal to install it:

sudo apt install fail2ban

Once installed, start and enable fail2ban with the commands:

sudo systemctl enable fail2ban
sudo systemctl status fail2ban

Verify Fail2Ban installation:

fail2ban-client --version

Step 3. Configure Fail2ban.

With fail2ban installed, it’s time to configure it. jail.conf contains a section in which Configuration settings can be done for the fail2ban, we are not going to edit this file because a package upgrade can overwrite this file:

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo nano /etc/fail2ban/jail.local

Find the following line in the config file and uncomment it to whitelist the IP address:

ignoreip = 127.0.0.1/8 ::1 <your-IP-address>

Next, change as you required:

bantime  = 15m
findtime = 15m
maxretry = 8

To receive email alerts with relevant logs, make sure that the following line is present:

# ban & send an e-mail with whois report and relevant log lines
# to the destemail.
  action_mwl = %(action_)s
               %(mta)s-whois-lines[sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"]

To configure sending and receiving email addresses:

# Destination email address used solely for the interpolations in
destemail = admin@your-domain.com
# Sender e-mail address used solely for some actions
sender = fail2ban@your-domain

Save and close a file, then restart the Fail2Ban service to change the effects:

sudo systemctl restart fail2ban

We can check the status of the service using systemctl:

sudo systemctl status fail2ban

Congratulations! You have successfully installed Fail2Ban. Thanks for using this tutorial for installing the latest version of the Fail2Ban on Debian 11 Bullseye. For additional help or useful information, we recommend you check the official Fail2Ban website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Back to top button