juju deploy fail2ban
Discuss this charm
Share your thoughts on this charm with the community on discourse.
Deploys fail2ban monitoring and denial-of-service (DoS) prevention service, with exposed configuration to help prevent SSH DoS attacks.
The fail2ban service scans log files and bans IPs that have too many password failures. The number of failures, and ban time are configurable.
The fail2ban charm is a subordinate charm a container to deploy. The fail2ban charm uses the implicit juju-info relationship so it can be related to any container charm. Here are the steps to deploy the charm:
juju deploy ubuntu juju deploy fail2ban juju add-relation fail2ban:juju-info ubuntu:juju-info
These steps will install, and configure fail2ban to monitor SSH by default with a 1 hour delay on incorrect password attempts, after 3 failed attempts.
Known Limitations and Issues
This charm does not configure any of the other services fail2ban can monitor,
such as http, ftp, etc. If you wish to configure these services you can find
the configuration file at
- maxretry: number of attempts before banning the IP adddress.
- ignoreip: Additional IP's (space separated) to add to the ignore ruleset. Supports IP and CIDR.
- bantime: Ban time in seconds (defaults to 1 hour).
- destemail: Email address to send mail to on abuse.
juju set fail2ban bantime=3000 maxretry=5 ignoreip=192.262.3.0/24