How to install Fail2Ban and configure in Ubuntu server 14.04

Do you know how to avoid DDOS attack in your servers? In this post we show you how to install and configure Fail2Ban in Ubuntu server 14.04, Fail2Ban is a excellent tool for avoid attack DDOS in our servers.

What is Fail2Ban?

Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs — too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc).
By www.fail2ban.org

Before begin, please check your repository whit the next command:

After then:

1) Open a terminal and install Fail2ban with the next command:

2) After install we need start Fail2Ban server, we have two options for start:

A)

(This command execute our fail2ban server in background process)

B)

For restart we could use the next command:

3) Checking Fail2ban Client, Fail2ban work with fail2ban-client, the client show us the Jail (filters) configurated, we can check that with the next command:

The output could be:

That, show us a SSH Jail active for this moment.

4) Active filter, for active filter we will go to the configuration directory in /etc/fail2ban/ and we will copy of jail.conf to jail.local file, with the next command:

We could be root user for easy our work 😀

After we need to update jail.local file (the next step).

5) Enabled some jail into jail.local file.
Now we need to say to Fail2Ban server what jail he use, then open our file jail.local and find the next block:

For enabled a jail we have to update “enabled = false” to “enabled = true”

6) After enable all jail to use, execute the next command:

7) We can checking the status always with the next command:

or if we need to check a jail in specific, use this:

Example with apache-noscript jail:

8) Video tutorial
For finished this tutorial we prepare a small video tutorial:

Tips
In some case after enable a jail we have to restart the server too, I recommend use service fail2ban stop and after service fail2ban start.

Well is all for now, Do you need more information? check official website: