Copy · paste · reload

Fail2ban configs you can actually paste.

Ready-to-use jail.local blocks and filter rules for SSH, Nginx, Apache, mail and WordPress — copy the block, reload Fail2ban, done.

15 recipes

• Basics Fail2ban bantime, findtime & maxretry Explained (with Examples) What the three core settings actually do, how they interact, and copy-paste values for lenient, normal and strict jails — plus exponential bans. 3 min →
• Basics How to Set Up jail.local in Fail2ban (the Right Way) Why you edit jail.local (not jail.conf), a minimal working config, how to enable a jail, and how to reload. Copy-paste. 3 min →
• Basics How to Switch Fail2ban to nftables (banaction) Use the nftables banaction instead of iptables on modern distros, set it globally, and verify the ban set. Copy-paste. 3 min →
• Basics How to Test a Fail2ban Filter Before Enabling It (fail2ban-regex) Use fail2ban-regex to check a filter matches your real log lines — and counts the right IPs — before you enable the jail. Copy-paste. 3 min →
• Basics How to Unban an IP in Fail2ban (and See Who's Banned) List banned IPs with fail2ban-client status and unban one — or all — without restarting the service. Copy-paste. 2 min →
• Basics How to Whitelist Your IP in Fail2ban (ignoreip) Stop Fail2ban from banning your own IP, office subnet, or monitoring server using ignoreip — global or per-jail. Copy-paste. 2 min →
• SSH How to Protect SSH with Fail2ban (sshd jail) A complete, copy-paste sshd jail for Fail2ban — strict retries, longer bans for repeat bots, and how to confirm it's working. 3 min →
• SSH Fail2ban for SSH on systemd journald (no /var/log/auth.log) On Debian 12, Ubuntu 22.04+ and Fedora there's no auth.log — fix the sshd jail by reading the systemd journal with backend = systemd. Copy-paste. 3 min →
• Nginx Block Bad Bots & 404 Scanners with Fail2ban (nginx-botsearch) Ban IPs that hammer your Nginx site probing for /wp-admin, /.env, phpMyAdmin and other missing paths, using the nginx-botsearch filter. Copy-paste. 3 min →
• Nginx Fail2ban Jail for Nginx HTTP Basic Auth (nginx-http-auth) Ban IPs that brute-force an Nginx Basic Auth prompt using the built-in nginx-http-auth filter. Copy-paste jail. 2 min →
• Nginx Rate-limit Abusers with Fail2ban + Nginx limit_req (nginx-limit-req) Combine Nginx's limit_req with the nginx-limit-req Fail2ban filter to ban IPs that keep tripping your rate limit. Copy-paste. 3 min →
• Apache Fail2ban Jails for Apache: Auth & Bad Bots Copy-paste Apache jails for Fail2ban — ban Basic Auth brute force, bad bots, and noscript probes using the built-in apache-* filters. 3 min →
• Mail Fail2ban for Postfix & Dovecot (stop SMTP/IMAP brute force) Copy-paste Fail2ban jails for a mail server — Postfix SMTP, Postfix SASL, and Dovecot IMAP/POP3 brute-force protection. 3 min →
• Apps Fail2ban for WordPress Login & XML-RPC (custom filter) Ban IPs brute-forcing wp-login.php and xmlrpc.php. Two ways: a custom access-log filter, or the WP fail2ban plugin. Copy-paste. 4 min →
• Advanced Fail2ban recidive: Ban Repeat Offenders for Much Longer The recidive jail watches fail2ban's own log and re-bans IPs that keep getting banned — for a week or more, on all ports. Copy-paste. 3 min →

Fail2ban answers are scattered. The config you need isn't.

Each recipe here is a focused, copy-paste answer to one real task — the exact file path, the config block, the reload command, and how to confirm the jail is banning.

FAQ