How to Install & Configure Fail2ban on Ubuntu 22.04

Learn how to enhance the security of your Ubuntu 22.04 system by installing and configuring Fail2ban. Follow this step-by-step guide to protect your server from unauthorized access attempts and potential threats.

In today’s digital landscape, security is of utmost importance to protect our systems from potential threats. One effective tool that aids in enhancing the security of Ubuntu 22.04 is Fail2ban. This article will guide you through the installation and configuration process of Fail2ban on Ubuntu 22.04, ensuring a robust and secure system.

What is Fail2ban?

Fail2ban is an open-source intrusion prevention software that safeguards Linux systems from malicious attacks by monitoring log files and banning IP addresses that exhibit suspicious behavior. It acts as a protective shield by dynamically updating firewall rules to prevent unauthorized access attempts.

Why Install Fail2ban on Ubuntu 22.04?

Ubuntu 22.04 is a popular Linux distribution known for its stability and security. However, even the most secure systems are not immune to potential threats. By installing Fail2ban, you add an extra layer of security, mitigating the risk of unauthorized access attempts, brute-force attacks, and other malicious activities.


Before we proceed with the installation, ensure that you have:

  • A running instance of Ubuntu 22.04
  • Sudo privileges on your Ubuntu server
  • An active internet connection

Step 1: Updating System Packages

Before installing any new software, it is essential to update the system packages to ensure that you have the latest versions and security patches. Open the terminal and execute the following commands:

sudo apt update
sudo apt upgrade -y

Step 2: Installing Fail2ban

To install Fail2ban, use the apt package manager. Run the following command in the terminal:

sudo apt install fail2ban -y

Step 3: Configuring Fail2ban

Once the installation is complete, you need to configure Fail2ban to suit your system’s requirements. The main configuration file for Fail2ban is located at /etc/fail2ban/jail.conf. However, it is recommended to create a separate local configuration file to avoid any accidental changes being overwritten.

Create the local configuration file using the following command:

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Now, open the newly created configuration file with a text editor:

sudo nano /etc/fail2ban/jail.local

In this file, you can customize various parameters such as banning duration, log file paths, and email notifications. Make the necessary changes according to your preferences.

Step 4: Creating a Jail in Fail2ban

A jail in Fail2ban refers to the mechanism that monitors log files and applies banning rules. By default, Fail2ban comes with a set of predefined jails. However, you can create custom jails tailored to your specific needs.

To create a jail, open the Fail2ban local configuration file:

sudo nano /etc/fail2ban/jail.local

Scroll down to the bottom of the file and add the following code:

enabled = true
port = 22
filter = sshd
logpath = /var/log/auth.log
maxretry = 3

In this example, we created a jail named my-jail that monitors the SSH service (sshd) and bans IP addresses after three failed login attempts.

Step 5: Testing Fail2ban

After configuring Fail2ban, it’s crucial to test its functionality to ensure proper operation. Restart the Fail2ban service by executing the following command:

sudo systemctl restart fail2ban

To check the status of Fail2ban and active jails, use the following command:

sudo fail2ban-client status

This command will display the banned IP addresses, jails, and their respective statuses.


By following the steps outlined in this article, you have successfully installed and configured Fail2ban on Ubuntu 22.04. With Fail2ban actively monitoring your system’s log files, you can significantly enhance the security of your Ubuntu server, protecting it from potential threats and unauthorized access attempts.

Remember to regularly update and maintain your Fail2ban configuration to adapt to evolving security challenges and maintain a robust defense mechanism.

Must Read

Related Articles