fail2ban

fail2ban vs CrowdSec on a small VPS: where the rule sets overlap, where they fight each other, and how to pick one without re-banning everything

by
Terminal screen showing system logs and security monitoring output — photo by Tima Miroshnichenko on Pexels

I’ve been running fail2ban on this Oracle box since the day I provisioned it. Six months ago I added CrowdSec because I wanted the community blocklist for SSH brute-force IPs. For three months they coexisted and I assumed it was …