{"id":13335,"date":"2025-12-20T11:28:24","date_gmt":"2025-12-20T05:58:24","guid":{"rendered":"https:\/\/www.youstable.com\/blog\/?p=13335"},"modified":"2025-12-20T11:28:48","modified_gmt":"2025-12-20T05:58:48","slug":"how-to-setup-fail2ban-on-linux-server","status":"publish","type":"post","link":"https:\/\/www.youstable.com\/blog\/how-to-setup-fail2ban-on-linux-server","title":{"rendered":"How to Setup Fail2ban on Linux Server &#8211; Complete Guide"},"content":{"rendered":"\n<p><strong>To set up Fail2ban on a Linux server<\/strong>, install the package, create a jail.local configuration, enable and tune the sshd jail (bantime, findtime, maxretry, ignoreip), select the right firewall backend (UFW, firewalld, iptables\/nftables), then start and enable the service. Finally, verify jails, test bans, and monitor logs for intrusions.<\/p>\n\n\n\n<p>In this guide, you\u2019ll learn how to setup Fail2ban on Linux server step by step to stop brute-force attacks and malicious traffic. As a hosting professional, I\u2019ll show you practical, production-safe settings for Ubuntu\/Debian and RHEL\/AlmaLinux\/CentOS, plus tuning tips, troubleshooting, and real-world best practices we use at YouStable.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"what-is-fail2ban-and-why-use-it\"><strong>What is Fail2ban and Why Use it?<\/strong><\/h2>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1200\" height=\"628\" src=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/Fail2Ban-on-a-Linux-Server.jpg\" alt=\"What Is Fail2ban and Why Use It?\" class=\"wp-image-13457\" srcset=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/Fail2Ban-on-a-Linux-Server.jpg 1200w, https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/Fail2Ban-on-a-Linux-Server-150x79.jpg 150w\" sizes=\"auto, (max-width: 1200px) 100vw, 1200px\" \/><\/figure>\n\n\n\n<p>Fail2ban is an intrusion-prevention tool that scans logs for repeated failed logins and other suspicious behavior. When an IP triggers a rule, Fail2ban temporarily bans it via your firewall. It\u2019s lightweight, highly configurable, and ideal for protecting SSH, Nginx\/Apache, Postfix\/Dovecot, and more on Linux servers.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"prerequisites\"><strong>Prerequisites<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A Linux server (Ubuntu\/Debian or RHEL\/AlmaLinux\/CentOS) with sudo access<\/li>\n\n\n\n<li>OpenSSH running and accessible<\/li>\n\n\n\n<li>Firewall available: UFW (Ubuntu), firewalld (RHEL\/AlmaLinux), or iptables\/nftables<\/li>\n\n\n\n<li>Server updated: apt or dnf\/yum packages current<\/li>\n\n\n\n<li>Your admin IP to whitelist (to avoid locking yourself out)<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"install-fail2ban\"><strong>Install Fail2ban<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"ubuntu-debian\"><strong>Ubuntu\/Debian<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo apt update\nsudo apt install -y fail2ban<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"rhel-almalinux-rocky-centos\"><strong>RHEL\/AlmaLinux\/Rocky\/CentOS<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># RHEL 8+\/AlmaLinux\/Rocky\nsudo dnf install -y fail2ban fail2ban-firewalld\n\n# CentOS 7 (EOL \u2013 consider upgrading)\nsudo <a href=\"https:\/\/www.youstable.com\/blog\/install-yum-on-linux\/\">yum install<\/a> -y epel-release\nsudo yum install -y fail2ban<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"verify-installation\"><strong>Verify Installation<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>fail2ban-client -V\n# Example: 0.11.x (supports nftables, bantime.increment, etc.)<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"create-and-tune-jail-local-core-configuration\"><strong>Create and Tune jail.local (Core Configuration)<\/strong><\/h2>\n\n\n\n<p>Fail2ban reads defaults from jail.conf. Don\u2019t edit that file directly. Instead, create jail.local to override settings and enable jails.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-1-create-etc-fail2ban-jail-local\"><strong>Step 1: Create \/etc\/fail2ban\/jail.local<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo nano \/etc\/fail2ban\/jail.local<\/code><\/pre>\n\n\n\n<p>Use this safe, cross-distro starting point. Adjust IPs, emails, and ports as needed.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;DEFAULT]\n# Ban timing\nbantime = 12h\nfindtime = 10m\nmaxretry = 5\nbantime.increment = true\nbantime.factor = 1.5\nbantime.maxtime = 1w\n\n# Avoid locking yourself out\nignoreip = 127.0.0.1\/8 ::1 203.0.113.10\n\n# Logs and notifications\nloglevel = INFO\nlogtarget = \/var\/log\/fail2ban.log\ndestemail = admin@example.com\nsender = fail2ban@example.com\nmta = sendmail\naction = %(action_mwl)s\n\n# Choose your firewall backend (pick ONE based on your system)\n# For UFW on Ubuntu\n# banaction = ufw\n# For firewalld on RHEL\/AlmaLinux\n# banaction = firewallcmd-ipset\n# For iptables (legacy)\n# banaction = iptables-multiport\n# For nftables (modern Debian\/Ubuntu\/RHEL)\nbanaction = nftables-multiport\n\n# Use systemd journal if available for more reliable log reading\nbackend = systemd\n\n&#91;sshd]\nenabled = true\nport = ssh\n# Use distro-provided variable that maps to correct SSH log file\nlogpath = %(sshd_log)s\nmaxretry = 5\nfindtime = 10m\nbantime = 24h<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"key-options-explained\"><strong>Key Options Explained<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>bantime, findtime, maxretry: How long to ban, time window for counting failures, and how many failures trigger a ban.<\/li>\n\n\n\n<li>bantime.increment: Gradually increases ban time for repeat offenders; helpful against persistent bots.<\/li>\n\n\n\n<li>ignoreip: Whitelist your office\/VPN IPs to prevent lockouts.<\/li>\n\n\n\n<li>banaction: Must match your firewall (ufw, firewalld, iptables, nftables).<\/li>\n\n\n\n<li>backend: \u201csystemd\u201d reads from the journal; more reliable than log files on modern systems.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"firewall-backends-and-ports\"><strong>Firewall Backends and Ports<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>UFW: Set <code>banaction = ufw<\/code> and ensure UFW is enabled.<\/li>\n\n\n\n<li>firewalld: Use <code>banaction = firewallcmd-ipset<\/code> and keep firewalld running.<\/li>\n\n\n\n<li>nftables\/iptables: On newer distros, <code>nftables-multiport<\/code> works best. Legacy systems can use <code>iptables-multiport<\/code>.<\/li>\n\n\n\n<li>Changed SSH port? Update <code>[sshd]<\/code> <code>port<\/code> (e.g., <code>port = 2222<\/code>).<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"enable-and-start-fail2ban\"><strong>Enable and Start Fail2ban<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl enable --now fail2ban\nsudo systemctl status fail2ban<\/code><\/pre>\n\n\n\n<p>If you change the config later, reload:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo fail2ban-client reload<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"protect-common-services-with-jails\"><strong>Protect Common Services with Jails<\/strong><\/h2>\n\n\n\n<p>Beyond SSH, enable jails for your web server and mail stack. Only enable what you use.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"nginx\"><strong>Nginx<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;nginx-http-auth]\nenabled = true\nlogpath = \/var\/log\/nginx\/error.log\n\n&#91;nginx-botsearch]\nenabled = true\nlogpath = \/var\/log\/nginx\/error.log\nmaxretry = 10\nfindtime = 10m\nbantime = 24h<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"apache\"><strong>Apache<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;apache-auth]\nenabled = true\nlogpath = \/var\/log\/apache2\/error.log\n# RHEL-based:\n# logpath = \/var\/log\/httpd\/error_log\n\n&#91;apache-badbots]\nenabled = true\nlogpath = \/var\/log\/apache2\/access.log<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"mail-postfix-dovecot\"><strong>Mail (Postfix\/Dovecot)<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;postfix]\nenabled = true\nlogpath = \/var\/log\/mail.log\n# RHEL-based: \/var\/log\/maillog\n\n&#91;dovecot]\nenabled = true\nlogpath = \/var\/log\/mail.log<\/code><\/pre>\n\n\n\n<p>After editing, reload and confirm jails are active:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo fail2ban-client reload\nsudo fail2ban-client status\nsudo fail2ban-client status sshd<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"testing-monitoring-and-managing-bans\"><strong>Testing, Monitoring, and Managing Bans<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"list-jails-and-see-banned-ips\"><strong>List Jails and See Banned IPs<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo fail2ban-client status\nsudo fail2ban-client status sshd<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"unban-or-ban-an-ip-manually\"><strong>Unban or Ban an IP Manually<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Unban\nsudo fail2ban-client set sshd unbanip 198.51.100.25\n\n# Ban immediately\nsudo fail2ban-client set sshd banip 198.51.100.25<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"dry-run-a-filter-against-logs\"><strong>Dry-Run a Filter Against Logs<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Test if a filter catches malicious lines\nsudo fail2ban-regex \/var\/log\/auth.log \/etc\/fail2ban\/filter.d\/sshd.conf<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"best-practices-and-hardening-tips\"><strong>Best Practices and Hardening Tips<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Whitelist admin IPs: Add office\/VPN IPs to <code>ignoreip<\/code>.<\/li>\n\n\n\n<li>Use incremental bans: <code>bantime.increment = true<\/code> with a sensible <code>bantime.maxtime<\/code> (e.g., one week).<\/li>\n\n\n\n<li>Enable recidive: Catch repeat offenders across multiple jails over time.<\/li>\n\n\n\n<li>Move SSH to a non-standard port: Reduce noise; reflect that change in your <code>[sshd]<\/code> jail.<\/li>\n\n\n\n<li>Keep logs healthy: Ensure logrotate is working so Fail2ban reads fresh logs; with <code>backend = systemd<\/code>, rely on journal.<\/li>\n\n\n\n<li>Layer security: Combine Fail2ban with strong passwords\/keys, 2FA where possible, and cloud firewalls or provider-level filters.<\/li>\n\n\n\n<li>Email alerts: Use <code>action = %(action_mwl)s<\/code> for ban emails that include whois and log excerpts.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"recidive-jail-highly-recommended\"><strong>Recidive Jail (Highly Recommended)<\/strong><\/h3>\n\n\n\n<p>Recidive re-bans IPs that have been banned by any jail multiple times within a period. This is excellent for persistent attackers.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;recidive]\nenabled = true\nfilter = recidive\nlogpath = \/var\/log\/fail2ban.log\nfindtime = 1d\nbantime = 7d\nmaxretry = 5<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"troubleshooting-common-issues\"><strong>Troubleshooting Common Issues<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>No bans happening: Check logs (<code>\/var\/log\/fail2ban.log<\/code>), increase <code>loglevel = DEBUG<\/code>, confirm <code>backend = systemd<\/code> or correct <code>logpath<\/code>, verify that failed attempts are present in logs.<\/li>\n\n\n\n<li>Firewall not updating: Ensure matching <code>banaction<\/code> (ufw\/firewalld\/nftables\/iptables) and that the firewall service is active.<\/li>\n\n\n\n<li>Locked out of SSH: Use console\/serial access from your provider, add your IP to <code>ignoreip<\/code>, and reduce <code>bantime<\/code> or <code>maxretry<\/code> temporarily.<\/li>\n\n\n\n<li>Changed SSH port but still no bans: Update <code>port<\/code> in the <code>[sshd]<\/code> jail to your custom port.<\/li>\n\n\n\n<li>SELinux issues (RHEL-based): Check <code>audit.log<\/code> and use <code>setsebool<\/code>\/<code>semanage<\/code> if required; typically, Fail2ban works fine out of the box.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"real-world-tuning-examples\"><strong>Real-World Tuning Examples<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"quiet-a-high-traffic-ssh-server\"><strong>Quiet a High-Traffic SSH Server<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;sshd]\nenabled = true\nport = ssh\nfindtime = 15m\nmaxretry = 6\nbantime = 48h\nbantime.increment = true\nbantime.factor = 2\nbantime.maxtime = 2w<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"nftables-on-modern-distros\"><strong>NFTables on Modern Distros<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;DEFAULT]\nbanaction = nftables-multiport\nbackend = systemd<\/code><\/pre>\n\n\n\n<p>This ensures Fail2ban manipulates nftables chains rather than legacy iptables, matching how modern kernels handle packet filtering.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"managed-security-with-youstable-optional-but-helpful\"><strong>Managed Security with YouStable (Optional but Helpful)<\/strong><\/h2>\n\n\n\n<p>If you\u2019d prefer not to manage server security alone, YouStable\u2019s managed VPS and dedicated servers can ship with Fail2ban pre-configured, along with hardened SSH, firewall policies, and 24\/7 monitoring. This frees you to focus on your apps while we handle patching and intrusion prevention.<\/p>\n\n\n\n<p>With these steps, you now know exactly how to setup Fail2ban on Linux server for robust, low-maintenance protection against <a href=\"https:\/\/www.youstable.com\/blog\/what-is-fail2ban-on-linux-server\/\">brute-force attacks<\/a> and common intrusion attempts. Keep your system updated, review logs regularly, and tune thresholds as your traffic evolves.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"faqs-how-to-setup-fail2ban-on-linux-server\"><strong>FAQs: How to Setup Fail2ban on Linux Server<\/strong><\/h2>\n\n\n<div id=\"rank-math-faq\" class=\"rank-math-block\">\n<div class=\"rank-math-list \">\n<div id=\"faq-question-1765796195584\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"what-is-fail2ban-and-how-does-it-work\"><strong>What is Fail2ban and how does it work?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Fail2ban monitors service logs for repeated failures (like SSH login attempts). When an IP exceeds thresholds, it adds a temporary firewall rule to block that IP. After bantime expires, the rule is removed. It\u2019s highly customizable <a href=\"https:\/\/www.youstable.com\/blog\/how-to-connect-to-server-via-ssh\/\">via jails for SSH<\/a>, web servers, and mail services.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765796203253\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-do-i-install-and-configure-fail2ban-on-ubuntu-22-04\"><strong>How do I install and configure Fail2ban on Ubuntu 22.04?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Run sudo apt <a href=\"https:\/\/www.youstable.com\/blog\/install-fail2ban-on-linux\/\">install fail2ban<\/a>, create \/etc\/fail2ban\/jail.local with your <code>[DEFAULT]<\/code> and <code>[sshd]<\/code> settings, set <code>banaction = ufw<\/code> or <code>nftables-multiport<\/code>, then <code>sudo systemctl enable --now fail2ban<\/code>. Verify with <code>fail2ban-client status<\/code> and adjust thresholds as needed.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765796211634\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"does-fail2ban-work-with-ufw-and-firewalld\"><strong>Does Fail2ban work with UFW and firewalld?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Yes. For UFW, use <code>banaction = ufw<\/code>. For firewalld, use <code>banaction = firewallcmd-ipset<\/code>. On nftables-based systems, <code>nftables-multiport<\/code> is recommended. Ensure your firewall service is running and enabled at boot.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765796223889\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-can-i-unban-an-ip-or-see-who-is-banned\"><strong>How can I unban an IP or see who is banned?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Use <code>sudo fail2ban-client status<\/code> to list jails and counts, <code>sudo fail2ban-client status sshd<\/code> to view banned IPs in that jail, and <code>sudo fail2ban-client set sshd unbanip &lt;IP&gt;<\/code> to unban. All actions are logged in <code>\/var\/log\/fail2ban.log<\/code>.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765796233800\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"what-are-recommended-fail2ban-settings-for-ssh\"><strong>What are recommended Fail2ban settings for SSH?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>For most servers: <code>findtime = 10\u201315m<\/code>, <code>maxretry = 5\u20136<\/code>, <code>bantime = 12\u201348h<\/code>, with <code>bantime.increment = true<\/code>. Whitelist your IP via <code>ignoreip<\/code>, and consider moving SSH to a non-standard port. Enable <code>recidive<\/code> to catch persistent attackers over longer periods.<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>To set up Fail2ban on a Linux server, install the package, create a jail.local configuration, enable and tune the sshd [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":15561,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"iawp_total_views":3,"footnotes":""},"categories":[350],"tags":[],"class_list":["post-13335","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase"],"acf":[],"featured_image_src":"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Setup-Fail2ban-on-Linux-Server.jpg","author_info":{"display_name":"Prahlad Prajapati","author_link":"https:\/\/www.youstable.com\/blog\/author\/prahladblog"},"_links":{"self":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/13335","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/comments?post=13335"}],"version-history":[{"count":4,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/13335\/revisions"}],"predecessor-version":[{"id":15564,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/13335\/revisions\/15564"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media\/15561"}],"wp:attachment":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media?parent=13335"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/categories?post=13335"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/tags?post=13335"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}