Why Am I Getting Brute Force Attacks?

Maxoq

Well-known member
Registered
Joined
Feb 25, 2015
Messages
520
Points
28
I installed csf firewall as suggestions on the forum but i am still getting Brute Force Attacks on my VPS.
What are the ways to block Brute Force Attacks completely?

There are so many Brute Force Attacks like this i am getting on my hosting.

Brute Force Attacks.png
 

R Langley

Well-known member
Registered
Joined
Dec 12, 2016
Messages
205
Points
0
I installed csf firewall as suggestions on the forum but i am still getting Brute Force Attacks on my VPS.
What are the ways to block Brute Force Attacks completely?

There are so many Brute Force Attacks like this i am getting on my hosting.

View attachment 1855
Change your SSH port or install fail2ban.
 

LJSHost

Well-known member
Hosting Provider
Registered
Joined
Jul 5, 2016
Messages
1,031
Points
63
Yeah just change the port number for SSH, brute force is something you can't stop 100% but just block those address after a certain number of failed attempts with CSF.
Even with the default SSH port a good block policy i.e 5 failed attempts should get keep you safe. If you are seeing repeat offenders just blacklist them permanently.
 

energizedit

Well-known member
Registered
Joined
Dec 13, 2016
Messages
259
Points
18
Your upstream host may be able to help with this too. They don't want the bad traffic on their networks, so they should be able to help with a solution too. I would contact them.
 

Colombiawebs

Active member
Registered
Joined
Dec 14, 2016
Messages
65
Points
8
good day

If you use cpanel, ask your hosting provider to enable the following option

CPHulk Brute Force Protection

Documentation

documentation.cpanel.net/display/ALD/cPHulk+Brute+Force+Protection


Blessings
 
Last edited:

HostXNow

Well-known member
Hosting Provider
Registered
Joined
Nov 26, 2014
Messages
374
Points
28
It looks like CSF + cPHulk is doing its job. Those are just warning notifications which you can safely disable.
 

StartVM

Well-known member
Registered
Joined
Aug 5, 2016
Messages
241
Points
18
Besides the points already mentioned, if you notice the attacks are all coming from the same high-risk countries such as China, Russia, Bangladesh, I would consider just blocking large blocks of IPs from those countries unless you are targeting them in your sales.
 
Older Threads
Recommended Threads

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top