Thanks for this. One thing: on a Debian Bookworm machine (and maybe other Linux distros), for fail2ban you should 'sudo touch jail.local', not 'cp jail.conf jail.local'. Then 'sudo nano jail.local' and in there enter
[sshd]
backend = systemd
enabled = true
Save, close, restart as above. You can add other conf options in .local but the above is enough to get it running.
Only about three hours trying to figure out why it didn't work :)
Deep into the GitHub repo conversations there it was: on Debian you need an *empty* jail.local to enter your config, not a copy of jail.conf to which you add your config (you don't change anything in jail.conf).
What awesome guidelines! I just learned about the importance of UFW and Fail2ban settings. When I checked the /var/log/auth.log file, I found numerous login attempts to my server. Enabling UFW and Fail2ban will definitely be mandatory items on my checklist for future setups.
May I translate your article into Chinese and repost it on my blog? I will credit the author and provide the source.
Go ahead Lin!
☺️Thanks, already published on https://lin66.site/posts/secure-your-vps.html
Thanks for this. One thing: on a Debian Bookworm machine (and maybe other Linux distros), for fail2ban you should 'sudo touch jail.local', not 'cp jail.conf jail.local'. Then 'sudo nano jail.local' and in there enter
[sshd]
backend = systemd
enabled = true
Save, close, restart as above. You can add other conf options in .local but the above is enough to get it running.
Thanks Mark - any downside to copying it?
Only about three hours trying to figure out why it didn't work :)
Deep into the GitHub repo conversations there it was: on Debian you need an *empty* jail.local to enter your config, not a copy of jail.conf to which you add your config (you don't change anything in jail.conf).
What awesome guidelines! I just learned about the importance of UFW and Fail2ban settings. When I checked the /var/log/auth.log file, I found numerous login attempts to my server. Enabling UFW and Fail2ban will definitely be mandatory items on my checklist for future setups.
Thanks Risal, glad it helped you!
This was awesome and easy to understand! It's amazing how u make stuff so easy and intuitive. Def gonna use it🔥
Thank you Alpaysh!
Glad I could help 🫡
🤝💯