Prerequisites
Before whitelisting an IP, make sure you have:
- Fail2ban installed and running
- Root or sudo privileges
- Your current IP address
Step 1: Find Your Current IP
Connect to your VPS:
ssh hxroot@YOUR_SERVER_IP -p 22Or from any machine:
curl ifconfig.meStep 2: Add IP to Whitelist
sudo nano /etc/fail2ban/jail.localUnder [DEFAULT] section, add or modify:
[DEFAULT]
ignoreip = 127.0.0.1/8 ::1 YOUR_HOME_IPExample with multiple IPs:
ignoreip = 127.0.0.1/8 203.0.113.45 192.168.1.0/24Step 3: Apply Changes
sudo systemctl restart fail2banStep 4: Verify Whitelist is Applied
sudo fail2ban-client get sshd ignoreipAlternative: Whitelist Using fail2ban-client
sudo fail2ban-client set sshd addignoreip 203.0.113.45This change is temporary and lost after restart. Use jail.local for permanent whitelist.
Whitelist Range (CIDR Notation)
ignoreip = 192.168.1.0/24 10.0.0.0/8Check Current Whitelist for Specific Jail
sudo fail2ban-client get sshd ignoreipRemove IP from Whitelist
Edit /etc/fail2ban/jail.local and remove the IP, then restart.
Whitelist Using /etc/hosts.allow (Alternative)
For SSH only, add to /etc/hosts.allow:
sshd: 203.0.113.45✅ Your IP has been whitelisted. You will not be banned even after multiple failed attempts.