Articles

Fail2ban Alternative

Fail2ban is a script for blocking SSH brute force login attacks. However, using Fail2ban puts you at risk of locking yourself out of your server and makes it difficult to know what addresses are blocked or how to whitelist them.

Common results of using Fail2ban are often frustration and panic when developers or their clients can't access their own sites and servers and those servers appear to be down when they are actually not down. Additionally, using Fail2ban requires you to first configure your own firewall as it does not configure a standard firewall of its own and is not compatible with ServerPilot's firewall.

A better alternative to Fail2ban is HeatShield, a sister company of ServerPilot. HeatShield's free plan provides the same firewall rules as ServerPilot and additionally includes SSH/SFTP brute force protection. When logged into your HeatShield account, you can see each server's blocked IP addresses and add addresses to a brute force blocking whitelist.

It is safe to use HeatShield on a server managed by ServerPilot. Once you install HeatShield, ServerPilot will detect that HeatShield is installed and will leave firewall management to HeatShield.