Arch Linux BasedManjaro

How To Install Fail2Ban on Manjaro

Install Fail2Ban on Manjaro

In this tutorial, we will show you how to install Fail2Ban on Manjaro. Fail2Ban is an intrusion prevention software that works by analyzing log files, detecting failed login attempts, and then taking action, such as banning the IP address from further login attempts for a specific period. It is particularly effective at protecting against brute-force attacks, where an attacker repeatedly tries to guess a password or access a resource. Fail2Ban can also protect against port scanning tools used by attackers to identify open ports on a server that they can exploit.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Fail2Ban on a Manjaro Linux.


  • A server or desktop running one of the following operating systems: Manjaro, and other Arch-based distributions.
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • SSH access to the server (or just open Terminal if you’re on a desktop).
  • A stable internet connection is crucial for downloading and installing packages. Verify your connection before proceeding.
  • Access to a Manjaro Linux system with a non-root sudo user or root user.

Install Fail2Ban on Manjaro

Step 1. Before installing any new software, it’s a good practice to update your package database. This ensures that you’re installing the latest version of the software and that all dependencies are up to date. To update the package database, run the following command in the terminal:

sudo pacman -Syu

Step 2. Installing Fail2Ban on Manjaro.

Once the system repositories are updated, you can install Fail2Ban using the following command:

sudo pacman -S fail2ban

This command will download and install Fail2Ban on your Manjaro system. After the installation is complete, you can verify that Fail2Ban has been installed correctly by checking its version with the following command:

fail2ban-client version

After installing Fail2Ban, you need to start the Fail2Ban service. You can do this with the following command:

sudo systemctl start fail2ban

To ensure that Fail2Ban starts automatically at system boot, you need to enable it. You can do this with the following command:

sudo systemctl enable fail2ban

You can check the status of the Fail2Ban service with the following command:

sudo systemctl status fail2ban

Step 3. Configuration Fail2Ban.

Fail2Ban is configured through several files located within a hierarchy under the /etc/fail2ban/ directory. The main configuration is specified in the files that define the per-application “jails”. By default, Fail2Ban ships with a jail.conf file. However, to preserve custom settings, it’s recommended to create a local copy of the configuration file named jail.local. You can do this with the following command:

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
  • Setting Up Jails

Jails are a key feature of Fail2Ban. When a service, such as SSHd, is jailed, Fail2Ban will continuously monitor the log(s) of that service for possible repeated attempts. If a given number of attempts is detected within a particular time window, a blocking rule is automatically set for a given time. The settings of these jails are done through the jail.local file.

For example, to jail the SSH service, you can add the following lines to the jail.local file:

enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 3
bantime = 600

This configuration will enable the SSH jail and set the port to ssh, use the sshd filter, set the log path to /var/log/auth.log, set the maximum retry attempts to 3, and set the ban time to 600 seconds.

  • Customizing Ban Settings

You can customize the ban settings by setting parameters like bantime, findtime, and maxretry in the jail.local file. For example, to change the default ban time to 1 day, you can add the following lines to the jail.local file:

[DEFAULT] bantime = 1d
  • Whitelisting IP Addresses

You can whitelist trusted IP addresses using the ignoreip parameter in the jail.local file. For example, to whitelist the IP address, you can add the following lines to the jail.local file:

ignoreip =

This configuration will prevent the IP address from being banned.

  • Configuring Log Files

Fail2Ban operates by monitoring log files for selected entries. You can specify the log files to be monitored in the jail.local file. For example, to monitor the /var/log/auth.log file for the SSH service, you can add the following lines to the jail.local file:

logpath = /var/log/auth.log

Step 4. Testing the SSH Brute-Force Protection.

Verifying that the jail is working correctly is an important step before relying on Fail2Ban for security. We will manually trigger bans to ensure traffic from an offender IP is blocked as per the maxretry limit set previously.

Congratulations! You have successfully installed Fail2Ban. Thanks for using this tutorial to install the latest version of Fail2Ban on the Manjaro system. For additional help or useful information, we recommend you check the official Fail2Ban website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!


r00t is a seasoned Linux system administrator with a wealth of experience in the field. Known for his contributions to, r00t has authored numerous tutorials and guides, helping users navigate the complexities of Linux systems. His expertise spans across various Linux distributions, including Ubuntu, CentOS, and Debian. r00t's work is characterized by his ability to simplify complex concepts, making Linux more accessible to users of all skill levels. His dedication to the Linux community and his commitment to sharing knowledge makes him a respected figure in the field.
Back to top button