opinions on the suggested fail2ban and ufw?
replies(4):
It has a real and dramatic impact on a few things - I got CPU warnings from one server a couple weeks back because I'd inadvertently broken logging and fail2ban stopped working and someone was doing a persistent brute force at high volume for 8 hours.
After I fixed fail2ban it dropped off immediately. I know some WordPress plugins will do this but I've not had much success with them compared to fail2ban so it's still my default for this purpose.
Are there better system-level approaches than fail2ban in this case? Or is your comment mostly directed towards those using it for ssh blocking?