diff --git a/modules/common/default.nix b/modules/common/default.nix
index 5055f90..0288e39 100644
--- a/modules/common/default.nix
+++ b/modules/common/default.nix
@@ -11,6 +11,7 @@
     ./backup.nix
     ./boot.nix
     ./exporters.nix
+    ./fail2ban.nix
     ./nginx.nix
     ./nix.nix
     ./ssh.nix
diff --git a/modules/common/fail2ban.nix b/modules/common/fail2ban.nix
new file mode 100644
index 0000000..5a6db48
--- /dev/null
+++ b/modules/common/fail2ban.nix
@@ -0,0 +1,12 @@
+{
+  services.fail2ban = {
+    enable = true;
+    bantime = "1h";
+    bantime-increment = {
+      enable = true;
+      overalljails = true;
+      factor = "4";
+      maxtime = "1y";
+    };
+  };
+}