Fail2ban vs Denyhosts vs Iptables

wpspeedster

Well-known member
Registered
Joined
May 6, 2016
Messages
120
Points
18
The problem is that I am still getting logs that showing IP addresses trying to login and connect to SSH. I need a firewall to stop these. Reading that Fail2ban, Denyhosts and Iptables are best choices for this but not sure which is the best. What are your suggestions and how do people on Forum Web Hosting handle this problem?
 

LJSHost

Well-known member
Hosting Provider
Registered
Joined
Jul 5, 2016
Messages
1,031
Points
63
Most of these programs are just a font end for IPtables (this is the firewall)

I would go with CSF https://configserver.com/cp/csf.html easy to setup and provides a simple rules management tool. If you have WHM on your server you could just enable cPHulk with a couple of clicks which is also a decent firewall solution.
 

GswHosting

Well-known member
Registered
Joined
Aug 23, 2016
Messages
233
Points
0
You can change ssh port from 22 to any you want. What do you have now firewall or iptables ?
Just make sure that you allow ssh connetion trought that port.
 

Malware.Expert

Member
Registered
Joined
Jun 18, 2018
Messages
55
Points
18
Use firewall, Change your SSH port something else than port 22. Also use only SSH Login keys and Disable password authentication.
 

mobin

Well-known member
Registered
Joined
Jun 22, 2017
Messages
234
Points
28
I like CSF and Fail2Ban. But that will not help if you install a firewall and leave SSH port open. So you need to change SSH port, restrict SSH access from certain IPs if possible, disable password AUTH is possible, disable direct root and finally configure the firewall to protect brute-force against SSH.
 
Older Threads
Replies
5
Views
3,145
Replies
9
Views
5,528
Replies
5
Views
4,216
Latest Threads
Replies
0
Views
38
Replies
0
Views
58
Replies
1
Views
84
Replies
1
Views
95

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top