I stumbled upon the problem of fail2ban not banning after I had moved my ssh server to non standard port (let’s say 22022).

To make fail2ban produce the right rules after a number of failed authentication attempts, I edited /etc/fail2ban/jail.conf. pre: image You should change port as per your custom port. example: [ssh-iptables]

enabled  = true
filter   = sshd
action   = iptables[name=SSH, port=22022, protocol=tcp]
           sendmail-whois[name=SSH, dest=root, sender=fail2ban@example.com]
logpath  = /var/log/secure
maxretry = 5 Then restart fail2ban /etc/init.d/fail2ban restart and check iptables rule as follows: image