# Installation und Config **Auf Hetzner:** ```bash apt install -y fail2ban nano /etc/fail2ban/jail.local ``` **Inhalt:** ```ini [DEFAULT] bantime = 3600 findtime = 600 maxretry = 5 ignoreip = 127.0.0.1/8 ::1 action = %(action_)s telegram destemail = root@localhost sendername = Fail2Ban mta = mail [sshd] enabled = true port = 9999 filter = sshd logpath = /var/log/auth.log maxretry = 3 bantime = 7200 ``` **Telegram-Action** ```bash nano /etc/fail2ban/action.d/telegram.conf ``` **Inhalt (mit eigenen Werten)** ```ini [Definition] actionstart = curl -s -X POST https://api.telegram.org/bot/sendMessage -d chat_id= -d text="🛡️ Fail2Ban gestartet auf " actionstop = curl -s -X POST https://api.telegram.org/bot/sendMessage -d chat_id= -d text="⚠️ Fail2Ban gestoppt auf " actioncheck = actionban = curl -s -X POST https://api.telegram.org/bot/sendMessage -d chat_id= -d parse_mode=HTML -d text="🚨 IP gebannt!%%0AServer: %%0AJail: %%0AIP: %%0AVersuche: %%0AZeit: $(date)" actionunban = curl -s -X POST https://api.telegram.org/bot/sendMessage -d chat_id= -d text="✅ IP entsperrt: auf " [Init] ``` **Aktivieren:** ```bash systemctl restart fail2ban systemctl status fail2ban ```