Fail2ban: Installation, Configuration, and Manual Ban/Unban
How to install and configure Fail2ban on Linux, and manually ban/unban IPs and check status.
June 17, 2026
Fail2ban: Installation, Configuration, and Manual Ban/Unban
Fail2ban is a security tool that monitors log files and, upon detecting malicious access patterns such as repeated login failures or port scans, automatically adds the offending IP to
iptables or nftables firewall rules to block it.It is most commonly used to protect against SSH brute-force attacks.
1. Install Fail2ban
Install Fail2bansh
2. Configure jail.local
Since jail.conf can be overwritten during updates, always create a separate jail.local for your configuration.
Create jail.local from default configsh
Specify common settings in the
[DEFAULT] section, and SSH-specific settings in the [sshd] section./etc/fail2ban/jail.localsh
3. Start & Enable Service
Start and enable Fail2ban servicesh
4. Check Status
Check the full list of jails and the ban status of each.
Check all jail statussh
Check the detailed status of a specific jail (including the list of banned IPs).
Check sshd jail statussh
5. Manual Ban
Manually ban a specific IP immediately.
Manually ban an IPsh
6. Manual Unban
Manually unban a banned IP.
Manually unban an IPsh
7. Reload Configuration
After modifying
jail.local, reload the configuration without restarting the service.Reload Fail2ban configurationsh
Command Summary
| Command | Description |
|---|---|
fail2ban-client status | Check full jail list |
fail2ban-client status sshd | Check specific jail status and banned IP list |
fail2ban-client set sshd banip <IP> | Manually ban an IP |
fail2ban-client set sshd unbanip <IP> | Unban an IP |
fail2ban-client reload | Reload configuration |
systemctl restart fail2ban | Restart the service |