Fail2ban

Fail2Ban is an open-source intrusion prevention software used to protect Linux servers from brute-force attacks by monitoring system logs and automatically banning suspicious IP addresses. It enhances server security by detecting repeated failed login attempts and applying temporary or permanent bans using firewall rules, helping secure services such as SSH, Apache, Nginx, FTP, and mail servers.

• Monitors system and application log files for suspicious or repeated failed login attempts.
• Automatically bans IP addresses using firewall tools such as iptables or nftables.
• Provides protection for services like SSH, FTP, Apache, Nginx, and mail servers.
• Highly configurable with customizable jails, filters, and ban rules.
• Supports adjustable ban time, retry limits, and find-time settings.
• Reduces brute-force attacks and unauthorized access attempts effectively.
• Integrates with systemd and modern Linux logging systems.
• Lightweight and runs in the background with minimal system resource usage.

Check installed version:
$sudo su
$fail2ban-client --version

Check status:
$systemctl status fail2ban

Disclaimer: Fail2Ban is a security-focused open-source tool designed to protect systems from unauthorized access attempts. Its effectiveness depends on proper configuration, system logging accuracy, and firewall setup. Users are responsible for configuring rules correctly to avoid accidental service blocking.