This article covers the installation of Fail2ban and the configuration of an sshd filter. There are many options to configure, but we focus on the basic ones. Feel free to peruse the Fail2ban man pages by running man fail2ban to discover what more you can do with it.
Fail2ban is a free, open-source and widely used intrusion prevention tool that scans log files for IP addresses showing signs of malicious activity, such as too many password failures, and bans them by updating firewall rules to reject those IP addresses.
By default, it ships with filters for various services including sshd.
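The count-failures-then-ban idea described above can be sketched in a few lines. This is an added, simplified illustration, not Fail2ban's own code and not part of the original article; the regex, the function name find_bans, the thresholds and the log lines are all constructed for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Simplified stand-in for an sshd failure pattern (assumption for this example);
# the filter shipped with Fail2ban covers many more message variants.
FAIL_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\ssshd\[\d+\]:\s"
    r"Failed password for (?:invalid user )?\S+ "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)

# Constructed sample log lines using documentation-only IP ranges.
SAMPLE_LOG = [
    "Mar  3 10:00:01 host sshd[1201]: Failed password for root from 203.0.113.7 port 40122 ssh2",
    "Mar  3 10:00:05 host sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 40124 ssh2",
    "Mar  3 10:00:09 host sshd[1203]: Accepted password for alice from 198.51.100.20 port 51000 ssh2",
    "Mar  3 10:00:12 host sshd[1204]: Failed password for root from 203.0.113.7 port 40130 ssh2",
    "Mar  3 10:01:00 host sshd[1210]: Failed password for bob from 198.51.100.20 port 51010 ssh2",
    "Mar  3 10:30:00 host sshd[1300]: Failed password for bob from 198.51.100.20 port 51020 ssh2",
    "Mar  3 10:31:00 host sshd[1301]: Failed password for bob from 198.51.100.20 port 51022 ssh2",
]

def find_bans(lines, maxretry=3, findtime=timedelta(minutes=10), year=2024):
    """Return {ip: time of ban} for IPs reaching maxretry failures within findtime."""
    recent = defaultdict(deque)  # ip -> timestamps of failures still inside the window
    bans = {}
    for line in lines:
        m = FAIL_RE.match(line)
        if not m or m["ip"] in bans:
            continue  # not a failure line, or this address is already banned
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        window = recent[m["ip"]]
        window.append(ts)
        # Forget failures older than findtime, so slow, spread-out typos do not add up.
        while ts - window[0] > findtime:
            window.popleft()
        if len(window) >= maxretry:
            # This is the point where a firewall rule rejecting the IP would be added.
            bans[m["ip"]] = ts
    return bans

if __name__ == "__main__":
    for ip, when in find_bans(SAMPLE_LOG).items():
        print(f"ban {ip} at {when}")
```

In the sample, 203.0.113.7 is banned on its third failure within the window, while 198.51.100.20 also fails three times but is not banned because its first failure has aged out of the window by the time the later ones arrive.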
To install and configure Fail2ban on CentOS/RHEL 8:
1. After logging into your system, access a command-line interface, then enable the EPEL repository on your system:
# dnf install epel-release
# dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
2. Afterward, install the Fail2ban package by running the following command:
# dnf install fail2ban
3. Start the fail2ban service, enable it to start at boot, and check that it is up and running using the following systemctl commands:
# systemctl start fail2ban
# systemctl enable fail2ban
# systemctl status fail2ban