The fail2ban software is installed by default on your server when provisioned with Ploi, it is not enabled because we leave this up to the user to configure. (It is not started either to save resources)

This guide is about enabling fail2ban and configuring it correctly with the UFW firewall.

First of, verify that there is a ufw.conf file present inside the /etc/fail2ban/action.d directory. If there is, continue with this tutorial.

We have to start configuring fail2ban to use the ufw firewall, start by copying the jail.conf file to the jail.local file:

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Open up the /etc/fail2ban/jail.local file in your favorite editor (nano or vim) and find the banaction directive. Change the value to shown:

banaction = ufw

Next execute these commands to enable the fail2ban service:

sudo systemctl enable fail2ban && systemctl start fail2ban

To check if the service is running, execute the following command:

service fail2ban status

18 October 2018 (last updated 5 years ago)

6869 views

Written by Dennis Smink

Dennis brings over 6 years of hands-on experience in server management, specializing in optimizing web services for scalability and security.

Back to Server


Start free trial