diff --git a/harden b/harden
index 24716b9..e177ba2 100755
--- a/harden
+++ b/harden
@@ -323,7 +323,7 @@ EOF
 # Make sure docker is disabled after
 # having installed docker-compose, to make sure
 # only rootless docker is used
-sudo systemctl disable --now docker.service docker.socket
+# sudo systemctl disable --now docker.service docker.socket
 sudo machinectl shell secdep@ /bin/bash -c 'curl -SL https://github.com/docker/compose/releases/download/v2.20.3/docker-compose-linux-x86_64 -o /home/secdep/bin/docker-compose'
 sudo machinectl shell secdep@ /bin/bash -c 'chmod +x /home/secdep/bin/docker-compose'
 # Check if there is a docker-compose.yml file in the user's home directory and run it if there is
@@ -398,6 +398,7 @@ EOF
 # sudo systemctl reload apparmor
 # }
 
+# Fix banaction ufw with iptables
 function configureFail2ban {
 FAIL2BAN_LOCAL=$(cat <<'EOF'
 [Definition]
@@ -419,6 +420,7 @@ bantime = 1d
 ignoreip = 127.0.0.1/8
 EOF
 )
+sudo mkdir -p /etc/fail2ban/jail.local
 printf "%s" "$FAIL2BAN_SSH_JAIL_LOCAL" | sudo tee /etc/fail2ban/jail.local/sshd.local
 FAIL2BAN_FILTER=$(cat <<'EOF'
 [Definition]
@@ -441,8 +443,10 @@ ReadWritePaths=/run/xtables.lock
 CapabilityBoundingSet=CAP_AUDIT_READ CAP_DAC_READ_SEARCH CAP_NET_ADMIN CAP_NET_RAW
 EOF
 )
+sudo mkdir -p /etc/systemd/system/fail2ban.service.d
 printf "%s" "$HARDEN_FAIL2BAN_SERVICE" | sudo tee /etc/systemd/system/fail2ban.service.d/override.conf
 sudo systemctl enable fail2ban
+services+=("fail2ban") # Add fail2ban to the services array
 # sudo systemctl enable --now fail2ban
 printf "%s" "LogLevel VERBOSE" | sudo tee -a /etc/ssh/sshd_config
 #sudo systemctl restart sshd
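Review bot: Commenting out `sudo systemctl disable --now docker.service docker.socket` leaves the three-line comment above it promising a guarantee the code no longer provides — the rootful daemon and its root-equivalent socket stay enabled, so "only rootless docker is used" is no longer true on a hardened host. If the disable was dropped on purpose (for instance because docker-compose is still run against the rootful socket), replace the stale comment with the reason, e.g. `# NOTE: rootful docker.service/docker.socket intentionally left enabled (<reason>); rootless-only is NOT enforced here`; otherwise restore the disable. A reader of a script named harden will otherwise assume the socket is off.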
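Review bot: The added comment `# Fix banaction ufw with iptables` above `function configureFail2ban` reads as an unfinished reminder rather than a description of the function, and it does not say whether the fix is still pending or already done. If it is pending, mark it as such and name the decision, e.g. `# TODO: fail2ban banaction — ufw vs. iptables; the hardened unit written below only grants CAP_NET_ADMIN/CAP_NET_RAW`; if the function already implements it, describe the behaviour instead.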
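Review bot: `sudo mkdir -p /etc/fail2ban/jail.local` creates jail.local as a directory, but fail2ban reads `/etc/fail2ban/jail.local` as a file and takes drop-ins from `/etc/fail2ban/jail.d/`, so as far as I can tell the `sshd.local` written into that directory is never loaded and the sshd jail settings silently have no effect. The mkdir also removes the error the tee would previously have raised, turning a loud failure into a quiet one. Use the drop-in directory instead: `sudo mkdir -p /etc/fail2ban/jail.d` and `printf "%s" "$FAIL2BAN_SSH_JAIL_LOCAL" | sudo tee /etc/fail2ban/jail.d/sshd.local >/dev/null`. configureFail2ban begins in the previous hunk and continues past this one.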
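Review bot: The drop-in is written to `/etc/systemd/system/fail2ban.service.d/override.conf` but nothing here runs `systemctl daemon-reload`, so when `fail2ban` (now appended to `services`) is started later, systemd may still use the unit definition it already has loaded and the `CapabilityBoundingSet`/`ReadWritePaths` hardening would not apply until the next reload or reboot. Add `sudo systemctl daemon-reload` directly after the tee that writes override.conf; `systemctl enable` on its own does not reload unit files. The `services` array and the loop that consumes it are outside this hunk, so I cannot confirm from here whether a later step reloads — if it does, a comment on the `services+=` line saying so would settle it. configureFail2ban continues past the end of this hunk.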
@@ -456,9 +460,9 @@ function enableServices {
     whereis ufw | grep -q /ufw && currentFirewall="ufw" || currentFirewall="firewalld"
     if [[ "$currentFirewall" == "ufw" ]]; then
-        echo "You should enable ufw"
-        # sudo ufw enable
-        # sudo systemctl enable --now ufw
+        # echo "You should enable ufw"
+        sudo ufw --force enable
+        sudo systemctl enable --now ufw
     elif [[ "$currentFirewall" == "firewalld" ]]; then
         sudo firewall-cmd --reload
     else
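Review bot: `sudo ufw --force enable` activates the firewall non-interactively, but nothing in this hunk adds an allow rule for SSH first; with ufw's default deny-incoming policy, running this on a remote host drops the operator's own session and blocks new SSH logins, which may be why the previous version only printed a reminder. Add the SSH rule before enabling, `sudo ufw allow OpenSSH` (or the port sshd actually listens on, if the script changes it), and consider keeping the enable behind an explicit opt-in since the failure mode needs console access to recover from. `--force` also suppresses ufw's own "may disrupt existing ssh connections" prompt, so that warning belongs in a comment next to the call. The enclosing function enableServices starts before this hunk and continues after it.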