Brute-Force Attack detected in service log on User(s) admin, root?

wpspeedster

Well-known member
Registered
Joined
May 6, 2016
Messages
120
Points
18
I am getting so many messages likes this from my hosting control panel with title "Brute-Force Attack detected in service log on User(s) admin, root" although I installed ConfigServer Firewall&Security

A brute force attack has been detected in one of your service logs.
User admin has 186 failed login attempts: dovecot1=16 & exim1=5 & exim2=32 & pure-ftpd1=55 & sshd5=78
how to solve this problem?
 

LJSHost

Well-known member
Hosting Provider
Registered
Joined
Jul 5, 2016
Messages
1,031
Points
63
The failed attempts to login to these services has been blocked, so not much to worry about.
Brute force attacks are something that happens 24/7. You can decrease the amount of failed login attempts by lowering your failed attempts block limit in the CSF config file.
 

LJSHost

Well-known member
Hosting Provider
Registered
Joined
Jul 5, 2016
Messages
1,031
Points
63
/etc/csf/csf.conf

Look for the services you want to change the limit for

example

LF_SSHD = 3 (this will block ssh login attempts after 3 fails)

Don't forgot to reload csf after making any changes

/etc/init.d/csf restart
 
Newer Threads
Latest Threads
Replies
0
Views
19
Replies
1
Views
37
Replies
0
Views
226
Replies
1
Views
48

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top