Ssh

Any server with SSH exposed to the internet will see constant brute-force login attempts. fail2ban is a simple, effective way to deal with them. Installation apt update && apt install -y fail2ban Configuration Never edit /etc/fail2ban/jail.conf directly — it gets overwritten on updates. Create a local override: cat > /etc/fail2ban/jail.local << EOF [sshd] enabled = true port = 22 logpath = /var/log/auth.log maxretry = 3 bantime = 7200 findtime = 600 EOF This configuration: ...