How to Install and Configure Fail2Ban on Ubuntu Linux 26.04

This guide shows you how to install and configure Fail2Ban on Ubuntu Linux 26.04, an open-source intrusion prevention tool that scans log files for suspicious activity and automatically blocks attacking IP addresses through firewall rules. Fail2Ban protects services like SSH, Apache, Nginx, and FTP by creating jails that define what to monitor, filter rules to match attack patterns, and actions to execute when an attack is detected, making it an essential layer of defense for any Linux server. For a broader look at hardening your server beyond Fail2Ban, see our guide on critical steps to secure VPS servers and our walkthrough on setting up a VPS firewall.

Quick Overview - Install and Configure Fail2Ban on Ubuntu Linux 26.04

Fail2Ban is an open-source intrusion prevention tool that watches your server logs and bans IPs that fail authentication too many times. Here's the full process on Ubuntu Linux 26.04:

1. Install the fail2ban package from the default Ubuntu repositories.
2. Manage the service through systemctl (start, stop, enable on boot).
3. Create a /etc/fail2ban/jail.local file to override the default settings.
4. Enable the SSH jail with custom maxretry, findtime, and bantime values.
5. Validate the configuration and restart the service.
6. Integrate Fail2Ban with ufw to manage firewall rules.
7. Test by simulating failed SSH logins from a second machine to confirm bans are applied automatically.

Read the rest of this guide for the full step-by-step instructions.

Prerequisites

Before you start:

• Deploy an Ubuntu server.
  • Running Fail2Ban on a VPS gives you a 24/7 hardened, internet-facing host that can actually be attacked, monitored, and recovered remotely. If you don't have a server yet, SSD Nodes offers the most affordable Linux VPS hosting in the market with lifetime price locks, 24/7 support, and a 14-day money-back guarantee. You can get an 8GB VPS for just $5.50/month on the 3-year plan, with 1-Click Apps for instant Ubuntu deployment. Spin one up, try it, and get a full refund if it's not the right fit.
• SSH to your server using PuTTY for Windows or OpenSSH for Linux and Mac OS.
• Create a non-root user with sudo privileges. You will use this user account to run all commands in this guide.

Install Fail2Ban

The Fail2Ban package is available in the default Ubuntu 26.04 repositories. Installing the software adds the core functionality, including the main daemon, default jails, and action scripts that block malicious IP addresses. Follow the steps below to install Fail2Ban.

1. Update your system's package information index.

   $ sudo apt update

2. Install Fail2Ban using apt, a command-line utility that manages packages on Ubuntu.

   $ sudo apt install -y fail2ban

3. Check the version to verify you've installed Fail2Ban.

   $ fail2ban-client --version

   Output:

   Fail2Ban v1.1.0

Manage Fail2Ban Service

On Ubuntu 26.04, Fail2Ban runs as a system service under the name fail2ban. Understanding how to manage this service allows you to control Fail2Ban, apply configuration changes, and troubleshoot issues when they arise.

Check Fail2Ban Service Status

1. Verify that the Fail2Ban service is active and running.

   $ sudo systemctl status fail2ban

   Output:

   ● fail2ban.service - Fail2Ban Intrusion Prevention System
        Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; preset: enabled)
        Active: active (running) since Tue 2026-04-29 10:15:22 UTC; 2min ago
          Docs: man:fail2ban(1)
      Main PID: 1245 (fail2ban-server)
         Tasks: 5 (limit: 2275)
        Memory: 13.2M
           CPU: 234ms

   Press ctrl + c to exit the status view.

Start, Stop, and Restart Fail2Ban

1. Stop the Fail2Ban service if you need to disable the service