The fail2ban software is installed by default on your server when provisioned with Ploi, it is not enabled because we leave this up to the user to configure. (It is not started either to save resources)
This guide is about enabling fail2ban and configuring it correctly with the UFW firewall.
First of, verify that there is a
ufw.conf file present inside the
/etc/fail2ban/action.d directory. If there is, continue with this tutorial.
We have to start configuring fail2ban to use the ufw firewall, start by copying the
jail.conf file to the
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
Open up the
/etc/fail2ban/jail.local file in your favorite editor (nano or vim) and find the
banaction directive. Change the value to shown:
banaction = ufw
Next execute these commands to enable the fail2ban service:
sudo systemctl enable fail2ban && systemctl start fail2ban
To check if the service is running, execute the following command:
service fail2ban status