Fail2Ban Not Automatically Ban IP After Several Failed Login Attempts

Question

I have set up a droplet running on Ubuntu 18.04. Everything including my websites on WordPress is working perfectly. But as I read on many blogs regarding hardening server security, then, I tried to install Fail2Ban. Installation is successful and jail is created. But when I tried to enter the wrong password, it does not ban my IP. I have tried all tutorials below but still cannot automatically ban my IP on failed SSH login attempts. Is there somewhere I missed which makes me unable to automatically ban my IP?

Tutorial followed. https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-14-04 https://www.digitalocean.com/community/tutorials/how-to-protect-an-apache-server-with-fail2ban-on-ubuntu-14-04 https://www.digitalocean.com/community/tutorials/how-to-protect-an-apache-server-with-fail2ban-on-ubuntu-14-04

Below is additional info if it helps. Webserver: Openlitespeed. Firewall: DigitalOcean Firewall & UFW. DNS: Cloudflare. SSH Connection: Putty. SSH Login: Using key pairs. SSH Password login: Disabled. Root login: Disabled.

Bobby Iliev · Accepted Answer

Hi there @shahahmadyusof , What I could suggest is to make sure you restart fail2ban after making any configuration changes Also make sure findtime isn’t set too low. Another thing that I could suggest is to try and trigger a few unsuccessful SSH attempts from a different IP besides your main one. Let me know how it goes!Regards,Bobby

alexdo · Answer

Hello there, If you want further integration between WordPress and Fail2ban you’ll need to install the Fail2ban plugin https://wordpress.org/plugins/wp-fail2ban/ Regards