How to Install Fail2Ban on Ubuntu 25.10

Fail2Ban helps protect Ubuntu 25.10 from brute-force attacks by monitoring logs and automatically banning suspicious IPs, making it a vital security tool for any server.

Step 1: Update Your System

Keeping your system updated ensures Fail2Ban installs smoothly and works with the latest security patches.

sudo apt update && sudo apt upgrade -y

Step 2: Install Fail2Ban

Ubuntu 25.10 includes Fail2Ban in its repositories, allowing you to install it quickly using the default package manager.

sudo apt install fail2ban -y

Step 3: Create a Local Configuration

Creating a local configuration ensures your Fail2Ban settings remain safe during updates and allows you to customize protection easily.

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Edit the configuration file:

sudo nano /etc/fail2ban/jail.local

Step 5: Allow SSH Through Firewall (If Using UFW)

If UFW is enabled on your system, you need to allow SSH traffic to ensure you do not block yourself from accessing the server.

sudo ufw allow ssh
sudo ufw reload

Step 6: Verify Fail2Ban Status

Checking the status confirms Fail2Ban is running correctly and monitoring your system for unauthorized access.

sudo fail2ban-client status

To check SSH jail specifically:

sudo fail2ban-client status sshd

Step 7: Monitor Logs and Banned IPs

Monitoring Fail2Ban logs helps you verify that bans are working and lets you track suspicious activity attempting to access your server.

sudo tail -f /var/log/fail2ban.log