A daemon that scans log files and uses firewall rules to ban IP addresses with too many failed authentication attempts.
Fail2Ban is a Python-based daemon that monitors system log files for repeated failed authentication attempts and automatically bans the offending IP addresses using firewall rules. It helps protect servers from brute-force attacks by temporarily blocking malicious hosts that exhibit suspicious behavior patterns. The tool is highly configurable and works out of the box with common services like SSH and web servers.
It is aimed at system administrators and DevOps engineers managing Linux servers who need to protect against brute-force attacks and unauthorized access attempts. It's particularly valuable for anyone running internet-exposed services with authentication mechanisms.
Developers choose Fail2Ban because it provides lightweight, automated intrusion prevention without requiring complex security infrastructure. Its flexibility in configuration, support for both IPv4 and IPv6, and integration with existing firewall systems make it a reliable first line of defense against brute-force attacks.
Daemon to ban hosts that cause multiple authentication errors
Comes pre-configured for standard services like SSH and Apache, as noted in the README, reducing initial setup time for common use cases.
Easily adaptable to monitor any log file and define custom ban conditions, allowing it to protect diverse applications beyond defaults.
Fully supports matching and banning IPv6 addresses, ensuring compatibility with modern network infrastructures as highlighted in the features.
Built with Python and minimal dependencies, making it resource-friendly and suitable for most server environments without heavy overhead.
Installing from source requires copying init scripts manually (e.g., from the files directory), which can be error-prone and lacks automation.
Acts only after failed attempts are logged, so it misses real-time threats, and its reliance on log parsing can delay response times.
Improper configuration can lead to banning legitimate IPs, especially in shared or dynamic IP environments, requiring careful tuning.