Windows is just as hard as linux, harder even with all the layers of obscurity.
With Windows, there is 1 current version of Windows (11), 1 “almost current” (10), 1 “outdated but you’ll maybe see it” (8.x) and only a few “you’ll probably only see this in obscure situations” versions. Linux has as many “parent” distros/package management systems (apt, rpm, pacman, etc.). This definitely complicates things, as each distro family does things slightly differently.
And we haven’t even touched the window manager/DE choices, of which there are a ton (as opposed to Windows). “Combinatorical explosion” maybe isn’t the right phrase, but you get the idea — Debian with i3wm is wildly different from Fedora Plasma.
This is all a good thing though, as Linux users tend to like the choice and flexibility — but it does mean that the “right way” to do something on Linux is very dependent on your particular setup, which isn’t the case with Windows.
(I have used Linux for the last 20+ years, and it’s definitely my preferred setup, and am lucky enough that I rarely use Windows for work, and never for personal use.)
Fail2ban config can get fairly involved in my experience. I’m probably not doing it the right way, as I wrote a bunch of web server ban rules — anyone trying to access wpadmin gets banned, for instance (I don’t use WordPress, and if I did, it wouldn’t be accessible from my public facing reverse proxy).
I just skimmed my nginx logs and looked for anything funky and put that in a ban rule, basically.