> fail2ban
Protect servers from brute force attacks with Fail2Ban. Use when a user asks to block repeated failed login attempts, protect SSH, secure web servers from brute force, or ban malicious IPs automatically.
curl "https://skillshub.wtf/TerminalSkills/skills/fail2ban?format=md"Fail2Ban
Overview
Fail2Ban monitors log files for failed authentication attempts and bans offending IPs using iptables/nftables. Protects SSH, Nginx, Apache, Postfix, and any service with log-based authentication.
Instructions
Step 1: Install
sudo apt install fail2ban
sudo systemctl enable fail2ban
Step 2: Configure
# /etc/fail2ban/jail.local — Custom configuration (never edit jail.conf)
[DEFAULT]
bantime = 1h
findtime = 10m
maxretry = 5
banaction = iptables-multiport
[sshd]
enabled = true
port = ssh
maxretry = 3
bantime = 24h
[nginx-http-auth]
enabled = true
port = http,https
maxretry = 5
[nginx-botsearch]
enabled = true
port = http,https
maxretry = 2
bantime = 7d
Step 3: Monitor
sudo fail2ban-client status # list active jails
sudo fail2ban-client status sshd # show banned IPs
sudo fail2ban-client set sshd unbanip 1.2.3.4 # unban
sudo fail2ban-client set sshd banip 5.6.7.8 # manual ban
Guidelines
- Always create jail.local — jail.conf gets overwritten on updates.
- Start conservative: 5 retries, 1h ban. Adjust based on logs.
- For modern alternative with community threat sharing, consider CrowdSec.
- Use
fail2ban-regexto test custom filters before deploying.
> related_skills --same-repo
> zustand
You are an expert in Zustand, the small, fast, and scalable state management library for React. You help developers manage global state without boilerplate using Zustand's hook-based stores, selectors for performance, middleware (persist, devtools, immer), computed values, and async actions — replacing Redux complexity with a simple, un-opinionated API in under 1KB.
> zod
You are an expert in Zod, the TypeScript-first schema declaration and validation library. You help developers define schemas that validate data at runtime AND infer TypeScript types at compile time — eliminating the need to write types and validators separately. Used for API input validation, form validation, environment variables, config files, and any data boundary.
> xero-accounting
Integrate with the Xero accounting API to sync invoices, expenses, bank transactions, and contacts — and generate financial reports like P&L and balance sheet. Use when: connecting apps to Xero, automating bookkeeping workflows, syncing accounting data, or pulling financial reports programmatically.
> windsurf-rules
Configure Windsurf AI coding assistant with .windsurfrules and workspace rules. Use when: customizing Windsurf for a project, setting AI coding standards, creating team-shared Windsurf configurations, or tuning Cascade AI behavior.