Fail2Ban is an intrusion prevention software that protects servers from brute force attacks. It is able to run on POSIX systems that have a network traffic control interface or firewall installed locally (e.g. iptables or TCP Wrapper).

Fail2Ban monitors log files (e.g. /var/log/secure.log, /var/www/roxy-wi/log/roxy-wi.log, etc.) for selected entries and runs scripts. Mostly, this is used to block selected IP addresses that may belong to hosts that are trying to breach the system's security. It can ban any host IP address that makes too many login attempts or performs any other unwanted action within a time frame defined by the administrator. Includes support for both IPv4 and IPv6. Optionally longer bans can be custom-configured for "recidivist" that keep coming back. Fail2Ban is typically set up to unban a blocked host within a certain period of time.

Roxy-WI supports Fail2ban since v4.3.0. Fail2ban protects SSH, Roxy-WI and Apache against various brute force attacks.

Fail2ban is disabled by default. You may enable it in the Services-Admin area section.