I have used both Fail2Ban and BFD, typically I go with Fail2Ban on servers running IPTables, and BFD when servers are running APF.
Are there any major differences between these 2 services? What are the strengths and Weaknesses between these 2 programs and compatibility issues?.
I didn't use much BFD. There are a couple of reasons, mostly because I find it limited compared to Fail2Ban. For instance: the BFD's purpose is to find failed login attempts, while Fail2Ban is to find pretty much anything in a log file, allowing you to create your own rules. Another reason is that BFD doesn't run as daemon. Instead, you have to schedule it through cron.
I use Fail2Ban to block brute-force attempts in websites made with WordPress, SSH, and FTP. Great tool, by the way.
Cya!
