Question

Fail2Ban Not Automatically Ban IP After Several Failed Login Attempts

Posted October 23, 2020 192 views
SecurityOpenLiteSpeed WordPress 1-Click

I have set up a droplet running on Ubuntu 18.04. Everything including my websites on WordPress is working perfectly. But as I read on many blogs regarding hardening server security, then, I tried to install Fail2Ban. Installation is successful and jail is created. But when I tried to enter the wrong password, it does not ban my IP. I have tried all tutorials below but still cannot automatically ban my IP on failed SSH login attempts. Is there somewhere I missed which makes me unable to automatically ban my IP?

Tutorial followed.
https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-14-04
https://www.digitalocean.com/community/tutorials/how-to-protect-an-apache-server-with-fail2ban-on-ubuntu-14-04
https://www.digitalocean.com/community/tutorials/how-to-protect-an-apache-server-with-fail2ban-on-ubuntu-14-04

Below is additional info if it helps.
Webserver: Openlitespeed.
Firewall: DigitalOcean Firewall & UFW.
DNS: Cloudflare.
SSH Connection: Putty.
SSH Login: Using key pairs.
SSH Password login: Disabled.
Root login: Disabled.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hi there @shahahmadyusof,

What I could suggest is to make sure you restart fail2ban after making any configuration changes

Also make sure findtime isn’t set too low.

Another thing that I could suggest is to try and trigger a few unsuccessful SSH attempts from a different IP besides your main one.

Let me know how it goes!
Regards,
Bobby

Submit an Answer