Customizations: fail2ban.local

As with all F2B settings, you should always be working with the .local files so that updates do not overwrite your custom settings. This repo sets the following and these are the minimum options I suggest you review on any new set up.

loglevel

This sets the verbosity of the log output from F2B. The default setting of INFO is appropriate for most installs but, you should specify it anyway so you have an easy place to change it if you need to do so.

loglevel = INFO

logtarget

This controls the location of the F2B log file where it logs it's own actions. This is NOT the location of the log files it reads for banning! Again, the default is appropriate for most installs, but you should specify it in your custom configuration so you have an easy place to change it if needed.

logtarget = /var/log/fail2ban.log

dbpurgeage

This controls how long F2B keeps a record of systems it has banned for whatever reason. By default, this is set to one day. I prefer having a one week record so I can set longer banning periods. You cannot enforce bans for longer than the record of the ban exists (this setting) otherwise, F2B has no idea how to unban automatically! You can set it to whatever you want, duration is expressed in seconds. In this case, I set it to one week (86,400 seconds = 1 day x 7 = 1 week = 604,800 seconds).

dbpurgeage = 604800

Other settings

There are many other options you can configure, but the defaults are pretty good in nearly all cases. That's why I only change these settings. Review the comments in the fail2ban.conf file for details on all settings.