Complete Fail2Ban Uninstall Guide

Remove Fail2Ban and all configuration files from Ubuntu Server for a clean system.

1. Stop Fail2Ban Service

sudo systemctl stop fail2ban

2. Unban All IPs

Clear all current bans before uninstalling:

sudo fail2ban-client unban --all

3. Disable the Service

sudo systemctl disable fail2ban

4. Remove Fail2Ban Package

Use purge to remove the package and its configuration files:

sudo apt purge fail2ban -y

5. Remove Dependencies

Remove packages that were installed as dependencies:

sudo apt purge python3-pyinotify python3-pyasyncore -y

6. Clean Up Unused Packages

sudo apt autoremove -y

7. Remove Configuration Directories

Delete all remaining configuration files and directories:

sudo rm -rf /etc/fail2ban

8. Remove Log Files

sudo rm -f /var/log/fail2ban.log
sudo rm -f /var/log/fail2ban.log.*

9. Remove Runtime Files

sudo rm -rf /var/run/fail2ban
sudo rm -rf /var/lib/fail2ban

10. Clean IPTables Rules

Remove any remaining iptables rules created by fail2ban:

10.1 View Current Rules

sudo iptables -L -n --line-numbers

10.2 Flush All Custom Rules (if needed)

Warning: This removes ALL custom iptables rules, not just fail2ban rules.

sudo iptables -F

10.3 Remove Specific /24 Subnet Bans

If you only want to remove the /24 subnet bans:

# List rules with line numbers
sudo iptables -L INPUT -n --line-numbers

# Remove specific rule by line number (example: line 1)
sudo iptables -D INPUT 1

10.4 Remove All DROP Rules

Remove all DROP rules from INPUT chain:

while sudo iptables -D INPUT -j DROP 2>/dev/null; do :; done

11. Remove Systemd Service Files

sudo rm -f /etc/systemd/system/fail2ban.service
sudo rm -f /etc/systemd/system/multi-user.target.wants/fail2ban.service
sudo systemctl daemon-reload

12. Verify Complete Removal

12.1 Check Package Status

dpkg -l | grep fail2ban

Expected output: No results or status shows "rc" (removed, config files remain)

12.2 Check Configuration Directory

ls -la /etc/fail2ban

Expected output: ls: cannot access '/etc/fail2ban': No such file or directory

12.3 Check Log Files

ls -la /var/log/fail2ban*

Expected output: ls: cannot access '/var/log/fail2ban*': No such file or directory

12.4 Check Service Status

sudo systemctl status fail2ban

Expected output: Unit fail2ban.service could not be found.

12.5 Check IPTables

sudo iptables -L INPUT -n

Expected output: No fail2ban related DROP rules

Quick One-Liner

Complete uninstall in a single command sequence:

sudo systemctl stop fail2ban && \
sudo fail2ban-client unban --all 2>/dev/null; \
sudo systemctl disable fail2ban 2>/dev/null; \
sudo apt purge fail2ban python3-pyinotify python3-pyasyncore -y && \
sudo apt autoremove -y && \
sudo rm -rf /etc/fail2ban /var/run/fail2ban /var/lib/fail2ban && \
sudo rm -f /var/log/fail2ban.log* && \
sudo iptables -F && \
sudo systemctl daemon-reload

Summary Checklist

1. Stop service — systemctl stop fail2ban
2. Unban all IPs — fail2ban-client unban --all
3. Disable service — systemctl disable fail2ban
4. Purge package — apt purge fail2ban
5. Remove dependencies — apt purge python3-pyinotify python3-pyasyncore
6. Autoremove — apt autoremove
7. Delete /etc/fail2ban — rm -rf /etc/fail2ban
8. Delete logs — rm -f /var/log/fail2ban.log*
9. Delete runtime — rm -rf /var/run/fail2ban /var/lib/fail2ban
10. Clean iptables — iptables -F
11. Reload systemd — systemctl daemon-reload