Pakete: 
  * Debian (ab 7): ''fail2ban''

Per default überwacht fail2ban bei debian ssh:

  egrep -A7 '\[sshd?\]' /etc/fail2ban/jail.conf
  less /etc/fail2ban/filter.d/sshd.conf

<file txt /etc/fail2ban/jail.conf>
…
[DEFAULT]
…
banaction = iptables-multiport
…
</file>

  less /etc/fail2ban/action.d/iptables-multiport.conf

fail2ban Zusammenfassung der Konfiguration anzeigen:
  fail2ban-client status
  fail2ban-client status sshd

====== Apache Basic Auth ======
Pakete: apache2 fail2ban (Debian 9)

  mkdir -p /srv/www/fail2ban
  htpasswd -c /srv/www/htpasswd_fail2ban heinz

<file txt /etc/apache2/conf-available/fail2ban-apache-auth-test.conf>
<directory /srv/www/fail2ban>
  AllowOverride AuthConfig
  AuthType        Basic
  AuthName        "Bitte Username und Passwort"
  AuthBasicProvider file
  AuthUserFile    /srv/www/htpasswd_fail2ban
  Require         valid-user
</directory>
</file>

<file html /srv/www/fail2ban/index.html>
<html>
  <head>
    <title>Hello fail2ban!</title>
  </head>
  <body>
    Hello fail2ban
  </body>
</html>
</file>

Zugriff lokal testen:
  wget --user heinz --password xxx -nv -O - http://127.0.0.1/fail2ban-test/index.html

<file txt /etc/fail2ban/jail.local>
[apache-auth]
enabled = true
</file>

  fail2ban-client reload
  fail2ban-client status
  fail2ban-client status apache-auth

Von einem anderen Rechner aus:
  ab -n 10 -A heinz:nono http://192.168.212.11/fail2ban-test/index.html

  less /var/log/fail2ban.log