Comment on page
Brute-force SSH protection
To protect your server from brute-force SSH connection attempts, you can install
This program will monitor incoming connections and block IP addresses that try to log in with faulty credentials repeatedly.
sudo apt-get install -y fail2ban
sudo vim /etc/fail2ban/jail.d/ssh.local
enabled = true
banaction = ufw
port = 22
filter = sshd
logpath = %(sshd_log)s
maxretry = 5
If you're using a non-standard SSH port that isn't
22then you will need to change that in the cofig file above.
You can change the
maxretrysetting, which is the number of attempts it will allow before locking the offending address out.
Save the file and restart the service.
sudo systemctl restart fail2ban
Congratulations! You've successfully improved the security of your node 🥳