diff --git a/services/fail2ban.nix b/services/fail2ban.nix
index 64e1da2..7522985 100644
--- a/services/fail2ban.nix
+++ b/services/fail2ban.nix
@@ -8,10 +8,9 @@ let
 in mkIf (elem "fail2ban" cfg.services) {
 services.fail2ban = {
 enable = true;
- jails = {
+ jails = {
 DEFAULT = ''
 bantime = 3600
- ignoreip = 127.0.0.1
 blocktype = DROP
 logpath = /var/log/auth.log
 '';
@@ -59,7 +58,16 @@ in mkIf (elem "fail2ban" cfg.services) {
 bantime = 7200
 '';
 };
- };
+ };
+
+ environment.etc."fail2ban/filter.d/sshd-ddos.conf" = {
+ enable = (active "openssh");
+ text = ''
+ [Definition]
+ failregex = sshd(?:\[\d+\])?: Did not receive identification string from $
+ ignoreregex =
+ '';
+ };
 
 environment.etc."fail2ban/filter.d/postfix-sasl.conf" = {
 enable = (active "mailserver");
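Review bot: The `failregex` added for the sshd-ddos filter, as it appears here, has no `<HOST>` tag and is not anchored at the start of the line. Without `<HOST>` fail2ban has no address to act on and normally refuses to load the filter; the tag may simply have been lost when this page was rendered, so confirm it against the file itself. The missing anchor is the more lasting concern, because an unanchored pattern also matches when the same text appears later in a log line whose content a remote client can influence, so the address that gets banned may not be the one that actually connected. I would follow the stock filter layout: `before = common.conf` under `[INCLUDES]`, `_daemon = sshd` under `[Definition]`, and `failregex = ^%(__prefix_line)sDid not receive identification string from <HOST>\s*$`. The jail that references this filter lies outside the hunk, so check that it is enabled under the same `active "openssh"` condition as the filter file.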