fail2ban

• WordPress Security

• Digital Ocean - Fail2ban Service Settings

Installation

Install using salt by adding the following to the server (or server group) definition in top.sls:

- config.fail2ban

View Status

Since ubuntu 20.04 does not provide a method to show all jails we provided a script to do this it’s installed using salt - to use type:

f2b-list

The standard fail2ban method to list jails is:

sudo fail2ban-client status

To see all banned IPs on Ubuntu 22.04 (fail2ban 0.11.2 and above, displayed in pseudo json format):

sudo fail2ban-client banned

For older versions of Ubuntu e.g. 20.04 it’s only possible to list individual jails (this is still available on 22.04 and provides a little more information than the banned option):

sudo fail2ban-client status <jail name>

E.g:

sudo fail2ban-client status nginx-wp-login
sudo fail2ban-client status nginx-wp-xmlrpc
sudo fail2ban-client status nginx-4xx

Log

The log for fail2ban is /var/log/fail2ban.log