Fail2Ban is an IP address banning system which can protect a server from brute force attacks. Fail2Ban monitors the server's logs for suspicious activity, and watches for repeated login attempts during a short time interval.
For more information about using Fail2Ban on a Plesk server, see the official Plesk documentation.
Note: Fail2Ban is not able to protect against distributed brute force attacks, because it identifies attacks by IP address.
For any Cloud Server with Plesk, applications like Fail2Ban should always be installed and managed through the Plesk interface. Follow the instructions in this tutorial to learn how to install and run Fail2Ban on a Plesk server.
- A Cloud Server with Plesk 12.5 or better (any operating system)
This tutorial uses the Power User view. You can change the Plesk view by clicking Change View at the bottom of the column on the left.
Log in to Plesk. In the left navigation bar, click Tools & Settings.
Click Updates and Upgrades.
Click Add/Remove Components.
Click the drop-down menu next to Fail2Ban.
Fail2Ban will be installed.
After installing Fail2Ban, go to Tools & Settings.
Go to Security: IP Address Banning (Fail2Ban).
Select Enable intrusion detection.
If you wish, customize the IP address ban period, time interval for attack detection, or the number of failed logins before an IP address is banned. To activate Fail2Ban, click OK.
Fail2Ban will be activated.