diff --git a/tasks/essential.yml b/tasks/essential.yml
index 0f60b41..8ce6e5e 100644
--- a/tasks/essential.yml
+++ b/tasks/essential.yml
@@ -24,6 +24,7 @@
 - nginx
 - tor
 - ufw
+ - fail2ban
 - htop
 - zsh # :D
 - python3-certbot-nginx
diff --git a/tasks/firewall.yml b/tasks/firewall.yml
index 4a50228..40def8c 100644
--- a/tasks/firewall.yml
+++ b/tasks/firewall.yml
@@ -15,4 +15,19 @@
 community.general.ufw:
 rule: allow
 port: '443'
- proto: tcp
\ No newline at end of file
+ proto: tcp
+
+- name: Startup UFW
+ community.general.ufw:
+ state: enabled
+
+- name: Copy fail2ban jail config
+ copy:
+ src: templates/fail2ban/jails.local
+ dest: /etc/fail2ban/jail.d/jails.local
+
+- name: Enable fail2ban service
+ systemd:
+ name: fail2ban
+ enabled: yes
+ state: restarted
\ No newline at end of file
diff --git a/templates/fail2ban/jails.local b/templates/fail2ban/jails.local
new file mode 100644
index 0000000..2d03119
--- /dev/null
+++ b/templates/fail2ban/jails.local
@@ -0,0 +1,8 @@
+[sshd]
+enabled = true
+
+[nginx-http-auth]
+enabled = true
+
+[nginx-botsearch]
+enabled = true
\ No newline at end of file
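Review bot: In tasks/firewall.yml the `Enable fail2ban service` task uses `state: restarted`, so fail2ban is restarted on every playbook run and the task always reports changed. Restarting only when the jail file changes would be cleaner: add `notify: Restart fail2ban` to the `Copy fail2ban jail config` task, back it with a handler, and use `state: started` here. The copy task sets no ownership or mode, so the permissions of /etc/fail2ban/jail.d/jails.local depend on the umask in effect; I would add `owner: root`, `group: root` and `mode: '0644'`. `Startup UFW` turns the firewall on, and the only allow rule visible in this hunk is for port 443. The earlier rules and any default policy are outside the hunk, so confirm that SSH is allowed before this task runs, otherwise the managed host may become unreachable.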
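Review bot: In templates/fail2ban/jails.local the three jails are enabled without `bantime`, `findtime`, `maxretry` or `ignoreip`, so the effective thresholds are whatever the installed package's jail.conf ships. Setting them in a `[DEFAULT]` section of this file would make the ban policy explicit and reviewable in the repository. The ban action is also left at the package default, which may place its rules outside UFW's own rule set; if bans should show up in `ufw status`, consider `banaction = ufw`, provided the installed fail2ban ships that action. On hosts where sshd logs only to the journal the `[sshd]` jail may also need `backend = systemd`, which cannot be determined from this diff.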