Question
Fail2Ban Not Automatically Ban IP After Several Failed Login Attempts
- Posted October 23, 2020
- SecurityOpenLiteSpeed WordPress 1-Click
I have set up a droplet running on Ubuntu 18.04. Everything including my websites on WordPress is working perfectly. But as I read on many blogs regarding hardening server security, then, I tried to install Fail2Ban. Installation is successful and jail is created. But when I tried to enter the wrong password, it does not ban my IP. I have tried all tutorials below but still cannot automatically ban my IP on failed SSH login attempts. Is there somewhere I missed which makes me unable to automatically ban my IP?
Tutorial followed. https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-14-04 https://www.digitalocean.com/community/tutorials/how-to-protect-an-apache-server-with-fail2ban-on-ubuntu-14-04 https://www.digitalocean.com/community/tutorials/how-to-protect-an-apache-server-with-fail2ban-on-ubuntu-14-04
Below is additional info if it helps. Webserver: Openlitespeed. Firewall: DigitalOcean Firewall & UFW. DNS: Cloudflare. SSH Connection: Putty. SSH Login: Using key pairs. SSH Password login: Disabled. Root login: Disabled.
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hi there @shahahmadyusof,
What I could suggest is to make sure you restart fail2ban after making any configuration changes
Also make sure findtime isn’t set too low.
Another thing that I could suggest is to try and trigger a few unsuccessful SSH attempts from a different IP besides your main one.
Let me know how it goes! Regards, Bobby
