Blocking an IP Address with Fail2Ban
Let’s configure our first jail that blocks an IP address
Fail2ban is different from swatch in the following ways:
With all of those advantages, I see one disadvantage to using fail2ban:
If you watch the messages in our monitor chatroom monitor.e2e.ee@e2e.chat
you will sometimes see that fail2ban has blocked someone.
Someone tried to send too many messages too quickly and got blocked by fail2ban.
Fail2ban reacts in real-time, blocking the offenders IP address and sending a text message. This is a powerful tool for keeping a web service going.
Just use your package manager to install fail2ban on linux.
apt install fail2ban
# Start fail2ban
service fail2ban start
# Stop fail2ban
service fail2ban stop
# Is fail2ban running?
service fail2ban status
Let’s configure our first jail that blocks an IP address
Let’s configure fail2ban to watch a log, but not block an IP address
When you need to know about what fail2ban is doing, use the client