I will show you how to degug Fail2ban when you can’t start it and you get the following error:

Starting Fail2ban: [FAILED]

You can’t find any errors in syslog or Fail2ban log because the Fail2ban init script is writing the output of the fail2ban-client to /dev/null The best way to debug Fail2ban is to call directly the fail2ban-client and that will show any syntax error found in the config files. The command and the output looks like this:

fail2ban-client -xd start
WARNING 'findtime' not defined in 'apache-noscript'. Using default value
WARNING 'findtime' not defined in 'pam-generic'. Using default value
WARNING 'findtime' not defined in 'vsftpd'. Using default value Continue Reading...

Fail2ban scans log files and bans IPs that show malicious signs, something like too many password failures and looking for the most common exploits.

Step1. Install Fail2ban on Debian

apt-get install fail2ban

Step2.  Configure Fail2ban.

You can configure Fail2Ban using the configuration files located in /etc/fail2ban/

The main config file and the most important is jail.local

In the following steps I will show you some configuration examples. You can study the Fail2ban man files later.

Step2.1 Add or modify the following line to set email destination for Fail2ban notifications:

destemail = [email protected] Continue Reading...

Page 1 of 11