fail2ban-client Command
Intermediate Firewall & Security man(1)Fail2ban client to manage ban rules
👁 12 views
📅 Updated: Mar 15, 2026
SYNTAX
fail2ban-client [OPTION]... COMMAND
What Does fail2ban-client Do?
fail2ban-client controls the fail2ban service, which monitors log files for malicious activity (failed logins, scanning attempts) and automatically bans offending IP addresses using the firewall.
fail2ban reads log files, matches entries against configurable patterns (filters), and triggers actions (typically iptables/nftables bans) when a threshold is exceeded. It is essential for protecting SSH, web servers, and other internet-facing services.
fail2ban uses jails — configurations that define which log to monitor, what patterns to match, and how to respond. Common jails protect SSH (sshd), Apache, Nginx, and Postfix.
fail2ban reads log files, matches entries against configurable patterns (filters), and triggers actions (typically iptables/nftables bans) when a threshold is exceeded. It is essential for protecting SSH, web servers, and other internet-facing services.
fail2ban uses jails — configurations that define which log to monitor, what patterns to match, and how to respond. Common jails protect SSH (sshd), Apache, Nginx, and Postfix.
Options & Flags
| Option | Description | Example |
|---|---|---|
| status | Show fail2ban status | sudo fail2ban-client status |
| status JAIL | Show jail status and banned IPs | sudo fail2ban-client status sshd |
| set JAIL banip | Manually ban an IP | sudo fail2ban-client set sshd banip 192.168.1.100 |
| set JAIL unbanip | Unban an IP | sudo fail2ban-client set sshd unbanip 192.168.1.100 |
| reload | Reload configuration | sudo fail2ban-client reload |
| banned | Show all banned IPs | sudo fail2ban-client banned |
Practical Examples
#1 Check status
Shows fail2ban status and active jails.
$ sudo fail2ban-client status
Output:
Status
|- Number of jail: 2
`- Jail list: sshd, nginx-botsearch
#2 View jail details
Shows SSH jail details including banned IPs.
$ sudo fail2ban-client status sshd
Output:
Status for the jail: sshd
|- Currently banned: 3
`- Banned IP list: 1.2.3.4 5.6.7.8 9.10.11.12
#3 Ban IP manually
Manually bans an IP in the SSH jail.
$ sudo fail2ban-client set sshd banip 203.0.113.50#4 Unban IP
Removes a ban for a specific IP.
$ sudo fail2ban-client set sshd unbanip 203.0.113.50#5 Reload after config change
Reloads jail configurations without restarting.
$ sudo fail2ban-client reload#6 Show all banned
Lists all banned IPs across all jails.
$ sudo fail2ban-client bannedTips & Best Practices
Essential for public servers: fail2ban is one of the first services to configure on any internet-facing server. It dramatically reduces brute force attacks.
Custom jails: Create custom jails in /etc/fail2ban/jail.local for your applications. Define filter patterns in /etc/fail2ban/filter.d/.
Whitelist your IP: Add your IP to ignoreip in jail.local to prevent accidentally banning yourself.
Frequently Asked Questions
How do I unban an IP?
sudo fail2ban-client set JAIL unbanip IP_ADDRESS. Check jail name with: sudo fail2ban-client status.
How do I set up fail2ban?
Install fail2ban, copy jail.conf to jail.local, enable desired jails (sshd is default), restart the service.
How do I check which IPs are banned?
sudo fail2ban-client status sshd shows banned IPs for the SSH jail. Or: sudo fail2ban-client banned for all jails.
Related Commands
More Firewall & Security Commands
Master Linux with Professional eBooks
Curated IT eBooks covering Linux, DevOps, Cloud, and more
Browse Books →